Piotr Bryczkowski
11/07/2023, 4:18 PMRiccardo Lippolis
11/07/2023, 5:57 PMSecurityContext
.
But if you want suspendable controller functions, I would suggest using Spring WebFlux instead with reactive security, as described in the official Spring documentationPiotr Bryczkowski
11/07/2023, 10:50 PMRiccardo Lippolis
11/08/2023, 7:27 AMPiotr Bryczkowski
11/08/2023, 12:56 PM@Bean
fun filterChain(http: HttpSecurity): SecurityFilterChain {
val whiteList = allowedUrls.split(",").toTypedArray()
http
.cors()
.and()
.authorizeHttpRequests()
.requestMatchers(*whiteList).permitAll()
.anyRequest()
.authenticated()
.and()
.oauth2ResourceServer()
.jwt()
.jwtAuthenticationConverter(getJwtAuthenticationConverter())
return http.build()
}
This is basically the whole essence of my security config.Riccardo Lippolis
11/08/2023, 1:13 PM@RestController
currently has something like this:
@GetMapping("/some/url")
suspend fun myFunction(): MyReturnValue {
// do some coroutine stuff, where somewhere you call withContext(SecurityCoroutineContext()) { ... }
// or something like launch(SecurityCoroutineContext()) { ... } or similar
}
could you try to change it to the following structure, to see if my assumption is correct in that it might be something that's triggered by the way that Spring MVC calls suspending controller functions:
@GetMapping("/some/url")
fun myFunction(): MyReturnValue = runBlocking(SecurityCoroutineContext()) {
// do some coroutine stuff
}
Piotr Bryczkowski
11/08/2023, 2:19 PMRiccardo Lippolis
11/08/2023, 2:24 PM