Uploaded image for project: 'atlassian-seraph'
  1. atlassian-seraph
  2. SER-154

request.getRemoteUser() does not return a logged in user

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: High High
    • 2.3.4, 2.4
    • 2.2
    • None
    • true

      This change http://svn.atlassian.com/fisheye/changelog/public?cs=39411 http://svn.atlassian.com/fisheye/cru/CR-517#c3145 has broken confluence's invite plugin.

      The plugin used to rely on the fact that after calling getAuthenticator().login(ServletActionContext.getRequest(), ServletActionContext.getResponse(), username, password, true); the request.getRemoteUser will return the username of logged in user. After we changed the BaseLoginFilter to cache the principle it no longer does that.

      I changed the plugin so it is no longer affected...

        1. seraph-fix.patch
          1 kB
          Matthew Erickson

            [SER-154] request.getRemoteUser() does not return a logged in user

            vkharisma made changes -
            Link New: This issue causes JRACLOUD-23124 [ JRACLOUD-23124 ]
            vkharisma made changes -
            Link New: This issue causes CONFCLOUD-21201 [ CONFCLOUD-21201 ]
            Matthew Erickson made changes -
            Resolution New: Fixed [ 1 ]
            Status Original: To be reviewed [ 10026 ] New: Resolved [ 5 ]
            Matthew Erickson made changes -
            Status Original: Implemented [ 10025 ] New: To be reviewed [ 10026 ]
            Matthew Erickson made changes -
            Fix Version/s New: 2.3.4 [ 15781 ]
            Status Original: Open [ 1 ] New: Implemented [ 10025 ]
            Matthew Erickson made changes -
            Assignee New: Matthew Erickson [ merickson ]
            Jeremy Largman made changes -
            Link New: This issue causes CONF-21362 [ CONF-21362 ]

            bain added a comment -

            You can get at the underlying request using the following code:

                private String getRealRemoteUser(HttpServletRequest request)
    {
        if (request instanceof HttpServletRequestWrapper)
        {
            final ServletRequest unwrap = ((HttpServletRequestWrapper) request).getRequest();
            if (unwrap instanceof HttpServletRequest)
            {
                return ((HttpServletRequest) unwrap).getRemoteUser();
            }
        }
        return request.getRemoteUser();
    }

            bain added a comment - You can get at the underlying request using the following code: private String getRealRemoteUser(HttpServletRequest request) { if (request instanceof HttpServletRequestWrapper) { final ServletRequest unwrap = ((HttpServletRequestWrapper) request).getRequest(); if (unwrap instanceof HttpServletRequest) { return ((HttpServletRequest) unwrap).getRemoteUser(); } } return request.getRemoteUser(); }
            Matthew Erickson made changes -
            Attachment New: seraph-fix.patch [ 42403 ]

            Matthew Erickson added a comment -

            Uploaded patch we gave to Confluence customers. See CONF-21201.

            Matthew Erickson added a comment - Uploaded patch we gave to Confluence customers. See CONF-21201 .

              merickson Matthew Erickson
              akazatchkov Anatoli
              Affected customers:
              2 This affects my team
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved:
                14 years, 29 weeks, 3 days ago