• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

request.getParameter == null, even though form post var does exist

 
K Mansoor
Ranch Hand
Posts: 52
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello-

I have asked this question on stackoverflow (http://stackoverflow.com/questions/6444700/spring-security-custom-filter-cannot-read-from-post-parameter) and spring-security (http://forum.springsource.org/showthread.php?110978-Spring-security-3-amp-SSO-with-pubcookie) however couldn't find a solution, re-posting here:

Essentially, I have a pre-authenticated scenario, where I have a custom pre-auth filter and if a certain form post variable is not present in the request the request is redirected to an external authentication system (pubcookie), the system authenticates the user and re-sends the request back to my application with the id of the authenticated user in a form post variable. The custom pre-auth filter 'should' succeed this time.

Problem is the form post data is being "lost", request.getParameter("x") always returns null. The filter is pretty basic, nothing earth shattering. Tamper-Data shows the variable is present in the request.

I'm stuck with this issue for a week now, has any body seen such behavior?
 
Mark Spritzler
ranger
Sheriff
Posts: 17278
6
IntelliJ IDE Mac Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sounds like because of the redirect, the request loses its values because of the scope of request parameters aren't retained in redirects. That is why there is this scope called Flash scope in web frameworks like Grails for instance. I am not sure if there is one that you can set it to that scope in Spring Security. So you might need to put those values into the Session or something that will allow it to be available after a redirect.

Unfortunately, I don't have a specific solution for you.

Mark
 
K Mansoor
Ranch Hand
Posts: 52
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I may not be understanding correctly, however, my app is not sending any parameters to the external app, rather the other way around, so not sure how the params can be lost in redirect.
 
Mark Spritzler
ranger
Sheriff
Posts: 17278
6
IntelliJ IDE Mac Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
K Mansoor wrote:I may not be understanding correctly, however, my app is not sending any parameters to the external app, rather the other way around, so not sure how the params can be lost in redirect.

request the request is redirected to an external authentication system



There, you just said that your request is redirected. So the request parameter is now gone. That is what I mean.

Mark
 
Kaveh Goudarzi
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

Did you ever work out what the problem was? I'm facing exactly the same situation and am stumped.

thanks in advance + kind regards,

Kaveh.
 
Kaveh Goudarzi
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

In my case the problem was due to the fact that my preauth custom filter was calling the HttpServletRequest.getInputStream() but the WrapperRequest I was passing to the downstream filters had a bug which meant that they got nulls. Once I fixed my HttpServletRequestWrapper object things started to work.

Hope this helps.

Kaveh.
 
Tommy Delson
Ranch Hand
Posts: 206
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Problems like this you need to post your codes in order for others to help you, based on the info alone I can't confirm even I may know what's the problem.

In summary, I think something it has to do with store the "HOHUM_ID" from pubcookie in the session and retrieve it later. I think you have missed something there, that's why it give you a null.

From the Controller you needs to do store the the ID in the session, later if you want to retrieve for the next process you need to do a check whether the ID is there or not, if not get the ID from the session etc.

The MAIN problem that I see is probably you didn't store the ID return from pubcookie any where so, it give you null when you try to getting the ID out.



The code below doesn't do any good.



How about this:








I assumed that everything else is set correctly...


Hope it help...
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic