I am porting a grails 2.4.5 application to grails 3.1.11. The application has its own authprovider, which allows users to authenticate from the db or ldap server. If the user is an ldap user, login credentials are checked from ldap, if not from db. Roles are loaded from the database. This script works fine in grails 2.4.5
When migrating to grails 3.1.11, "org.hibernate.HibernateException: session was not found for the current thread," is called in CustomLdapAuthenticationProvider when I want to reach the database. If I put @Transactional over the method, the error will disappear. I do not know that this is the right way because I assumed that grails will handle the session already in the web request.
My code is like
....
class CustomLdapAuthenticationProvider extends LdapAuthenticationProvider {
def ldapAuthProvider
def daoAuthenticationProvider
def springSecurityService
def userDetailsService
def dataSource
def grailsApplication
CustomLdapAuthenticationProvider(LdapAuthenticationProvider ldapAuthenticationProvider) {
super(ldapAuthenticationProvider.authenticator, ldapAuthenticationProvider.authoritiesPopulator)
}
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
String username = authentication.principal?.toString()?.toLowerCase()
String password = authentication.credentials
Boolean isExistingLdapUser = User.withCriteria {
eq("personUsername", username)
eq("personIsldap", true)
}[0] as Boolean
if (isExistingLdapUser) {
authentication = ldapAuthProvider.authenticate(authentication)
springSecurityService.loggedIn ? Person.findByPersonUsername(authentication.principal.username) : null
.....
.....
.....
}
}
? ?