Spring security Userdetails cannot be cast to my own user implementation-CodePudding

I have a User class that implements the spring security UserDetails. However, during authentication of a login request, it gives a ClassCastException that UserDetails cannot be cast to my User class.

The full error:

java.lang.ClassCastException: class org.springframework.security.core.userdetails.User cannot be cast to class nl.teamrepositories.vliegmaatschappij.security.domain.User (org.springframework.security.core.userdetails.User is in unnamed module of loader 'app'; nl.teamrepositories.vliegmaatschappij.security.domain.User is in unnamed module of loader org.springframework.boot.devtools.restart.classloader.RestartClassLoader @6ef8cb6)

User:

package nl.teamrepositories.vliegmaatschappij.security.domain;

import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

import javax.persistence.*;
import java.util.Collection;
import java.util.List;

@Entity
@Table(name = "users")
@Getter @Setter @NoArgsConstructor
public class User implements UserDetails {

    @Id
    @GeneratedValue(strategy = GenerationType.AUTO)
    private Long id;

    @Column(nullable = false, unique = true)
    private String firstName;
    private String lastName;
    private String username;
    private String password;

    private boolean enabled;
    private boolean tokenExpired;

    public User(String firstName, String lastName, String username, String password) {
        this.firstName = firstName;
        this.lastName = lastName;
        this.username = username;
        this.password = password;
    }

    @ManyToMany
    @JoinTable(
            name = "users_roles",
            joinColumns = @JoinColumn(
                    name = "user_id", referencedColumnName = "id"),
            inverseJoinColumns = @JoinColumn(
                    name = "role_id", referencedColumnName = "id"))
    private Collection<Role> roles;

    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        return List.of(new SimpleGrantedAuthority("ROLE_USER"));
    }

    @Override
    public String getUsername() {
        return username;
    }

    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }
    
    @Override
    public boolean isEnabled() {
        return true;
    }
}

In JwtAuthenticationFilter:

@Override
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
                                        FilterChain filterChain, Authentication authentication) {
    User user = (User) authentication.getPrincipal(); // this is where the error occurs
    // more code
}

I don't see why my User class cannot be cast to the UserDetails class of Spring.

What should I change?

Thanks in advance.

CodePudding user response：

Check your imports in JwtAuthenticationFilter. I guess you are using import org.springframework.security.core.userdetails.User instead of your own class import nl.teamrepositories.vliegmaatschappij.security.domain.User:

import nl.teamrepositories.vliegmaatschappij.security.domain.User;
(...)

public class JwtAuthenticationFilter {
    (...)

    @Override
    protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
                                            FilterChain filterChain, Authentication authentication) {
        User user = (User) authentication.getPrincipal(); // this is where the error occurs
        // more code
    }
}

Either here or at some place else in your code you are using the wrong User class (Spring one instead of yours).