How fix val field initialization with Spring Security proxy?

Question

Consider kotlin controller class:

@RestController
@RequestMapping("/myPath/")
open class MyController {
    private val s3AsyncClient: S3AsyncClient = S3AsyncClient.builder().build()
    //...
    @PostMapping("/indexing")
    @Secured("ROLE_USER")
    fun someFunction() {
        return s3AsyncClient.toString();
    }
}

Which leads to NullPointerException.

Here is what I saws in debugger:

But when @Secured is removed everything works. So it seems that spring security proxing breaks kotlin val initialization. is there a way to make them works all together?

Could you try `@PreAuthorize ("hasRole('ROLE_USER')")` instead of `@Secured("ROLE_USER")`. — Ataur Rahman Munna, Sep 26 '17 at 06:02
I answered the that. If it works then you can accept and upvote the answer. — Ataur Rahman Munna, Sep 26 '17 at 07:46
Added a comment to answer, `@PreAuthorize` does not work because it leads to no proxy genertion. — Cherry, Sep 26 '17 at 09:51

score 0 · Answer 1 · answered Sep 26 '17 at 09:49

It turns out that by default kotlin mark all methods as final. So the methods can not be overrided and that's why it is called from object itself, not from proxies. So to make proxying work just add open key word in method definition:

@PostMapping("/indexing")
@Secured("ROLE_USER")
/* -> */ open fun someFunction() {
    return s3AsyncClient.toString();
}

How fix val field initialization with Spring Security proxy?

1 Answers1