3

使用 xsuaa approuter login 获取登录用户对象时出现异常

User currentUser = UserAccessor.getCurrentUser();

我要在不使用 GuiceFilter 的情况下获取 currentUser 对象,如果我应用 GuiceFilter 则会低于异常。

任何人请建议我如何使用 GuiceFilter 获取 UserAccessor.getCurrentUser()

com.sap.cloud.sdk.cloudplatform.security.user.exception.UserAccessException: Failed to get current user: no RequestContext available. Have you correctly configured a RequestContextServletFilter or have you wrapped your logic in a RequestContextExecutor when executing background tasks that are not triggered by a request?
at com.sap.cloud.sdk.cloudplatform.security.user.AbstractUserFacade.getCurrentUserIfAuthenticated(AbstractUserFacade.java:85)
at com.sap.cloud.sdk.cloudplatform.security.user.AbstractUserFacade.getCurrentUser(AbstractUserFacade.java:135)
at com.sap.cloud.sdk.cloudplatform.security.user.UserAccessor.getCurrentUser(UserAccessor.java:122)
at com.company.HelloWorldServlet2.handleRequest(HelloWorldServlet2.java:35)
at com.company.BaseServlet.doPost(BaseServlet.java:120)
at com.company.BaseServlet.doGet(BaseServlet.java:104)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:624)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at com.google.inject.servlet.ServletDefinition.doServiceImpl(ServletDefinition.java:287)
at com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:277)
at com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:182)
at com.google.inject.servlet.ManagedServletPipeline.service(ManagedServletPipeline.java:91)
at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:119)
at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:133)
at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:130)
at com.google.inject.servlet.GuiceFilter$Context.call(GuiceFilter.java:203)
at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:130)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)
at org.apache.tomee.catalina.OpenEJBValve.invoke(OpenEJBValve.java:44)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:494)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at com.sap.xs.java.valves.ErrorReportValve.invoke(ErrorReportValve.java:66)
at ch.qos.logback.access.tomcat.LogbackValve.invoke(LogbackValve.java:191)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at com.sap.xs.jdbc.datasource.valve.JDBCValve.invoke(JDBCValve.java:62)
at com.sap.xs.security.UserInfoValve.invoke(UserInfoValve.java:19)
at com.sap.xs.statistics.tomcat.valve.RequestTracingValve.invoke(RequestTracingValve.java:43)
at com.sap.xs.logging.catalina.RuntimeInfoValve.invoke(RuntimeInfoValve.java:40)
at org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:695)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1136)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:836)
4

2 回答 2

1

从本质上讲,Sander 的回答已经是正确的(请接受他的回答)。更准确地说,您在 web.xml 中的定义必须如下所示(之前省略所有其他 ServletFilters):

<!-- other filter go here -->

<filter>
    <filter-name>RequestContextServletFilter</filter-name>
    <filter-class>com.sap.cloud.sdk.cloudplatform.servlet.RequestContextServletFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>RequestContextServletFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

<filter>
    <filter-name>guiceFilter</filter-name>
    <filter-class>com.google.inject.servlet.GuiceFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>guiceFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

我已经用这个尝试了你最小的非工作示例,异常消失了。使用 ALLOW_MOCKED_AUTH_HEADER: true 环境变量会返回一个空用户,这足以证明过滤器在 Guice 过滤器之前应用:

在此处输入图像描述

于 2018-11-24T17:29:49.957 回答
0

从堆栈跟踪来看,似乎GuiceFilter调用了 ,而RequestContextServletFilter没有调用 。RequestContextServletFilter初始化 a ,这RequestContext是检索用户信息的先决条件。

您可以尝试RequestContextServletFilter在 web.xml 文件中明确声明吗?

于 2018-11-15T08:08:49.770 回答