1
0
mirror of synced 2026-07-19 17:45:11 +00:00

SEC-1857: Use Principal.getName() in ContextPropagatingRemoteInvocation

This is a better option than using the toString() method
where the latter doesn't return the username. e.g when the
principal is a UserDetails.
This commit is contained in:
Luke Taylor
2011-12-05 21:23:42 +00:00
parent daa7f3f64e
commit b1af3d00ee
@@ -63,7 +63,7 @@ public class ContextPropagatingRemoteInvocation extends RemoteInvocation {
Authentication currentUser = SecurityContextHolder.getContext().getAuthentication();
if (currentUser != null) {
principal = currentUser.getPrincipal().toString();
principal = currentUser.getName();
credentials = currentUser.getCredentials().toString();
} else {
principal = credentials = null;