From 9fa6e78770aa137c89e65e015e3136fd04acdae3 Mon Sep 17 00:00:00 2001
From: Luke Taylor <luke.taylor@springsource.com>
Date: Mon, 5 Dec 2011 21:23:42 +0000
Subject: [PATCH] SEC-1857: Use Principal.getName() in
 ContextPropagatingRemoteInvocation

This is a better option than using the toString() method
where the latter doesn't return the username. e.g when the
principal is a UserDetails.
---
 .../remoting/rmi/ContextPropagatingRemoteInvocation.java        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/remoting/src/main/java/org/springframework/security/remoting/rmi/ContextPropagatingRemoteInvocation.java b/remoting/src/main/java/org/springframework/security/remoting/rmi/ContextPropagatingRemoteInvocation.java
index 999ae1a2cb..517bb979f0 100644
--- a/remoting/src/main/java/org/springframework/security/remoting/rmi/ContextPropagatingRemoteInvocation.java
+++ b/remoting/src/main/java/org/springframework/security/remoting/rmi/ContextPropagatingRemoteInvocation.java
@@ -65,7 +65,7 @@ public class ContextPropagatingRemoteInvocation extends RemoteInvocation {
         Authentication currentUser = SecurityContextHolder.getContext().getAuthentication();
 
         if (currentUser != null) {
-            principal = currentUser.getPrincipal().toString();
+            principal = currentUser.getName();
             credentials = currentUser.getCredentials().toString();
         } else {
             principal = credentials = null;