I have implemented a custom AbstractPreAuthenticatedProcessingFilter which returns a Principal (actually an Object as per the signature) in the method getPreAuthenticatedPrincipal(HttpServletRequest).
I am custom-implementing a UserDetailsService which needs to access the Principal somehow. I have tried using SecurityContextHolder.getContext().getAuthentication().getPrincipal(), which is throwing a NullPointerException since getAuthentication() is null.
How do I access the Principal otherwise?
The reason it is null is that spring security was not able to identify the principal up to that point. Extract from the javadoc of AbstractPreAuthenticatedProcessingFilter:
UserDetailService is responsible for loading the user object. Then, after successful authentication, principal will be set containing the given user object.