Spring Security Exception using @AuthenticationPrincipal with primitive parameters

Summary

I have a Controller using @AuthenticationPrincipal(expression = "...") on a long value.

Actual Behavior

It's successfully querying the long value, but it's throwing an exception because long is not assignable from Long.

Expected Behavior

The long value should be passed into the controller.

Configuration

Version

4.3.7.RELEASE

Sample

@Controller
@RequestMapping(value = "/hello-world", produces = "application/json")
public class HelloWorldController2 {
  @RequestMapping(method= RequestMethod.GET)
  public @ResponseBody
  String sayHello(@AuthenticationPrincipal(expression = "test", errorOnInvalidType = true) long test) {
    // ...
  }

}

I have a UserDetail implantation with long getTest()

The exception I'm seeing is

java.lang.ClassCastException: 123456 is not assignable to long
    at org.springframework.security.web.method.annotation.AuthenticationPrincipalArgumentResolver.resolveArgument(AuthenticationPrincipalArgumentResolver.java:142) ~[spring-security-web-4.2.2.RELEASE.jar:4.2.2.RELEASE]
    at org.springframework.web.method.support.HandlerMethodArgumentResolverComposite.resolveArgument(HandlerMethodArgumentResolverComposite.java:121) ~[spring-web-4.3.7.RELEASE.jar:4.3.7.RELEASE]
    at org.springframework.web.method.support.InvocableHandlerMethod.getMethodArgumentValues(InvocableHandlerMethod.java:158) ~[spring-web-4.3.7.RELEASE.jar:4.3.7.RELEASE]
    at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:128) ~[spring-web-4.3.7.RELEASE.jar:4.3.7.RELEASE]
    at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:116) ~[spring-webmvc-4.3.7.RELEASE.jar:4.3.7.RELEASE]
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:827) ~[spring-webmvc-4.3.7.RELEASE.jar:4.3.7.RELEASE]
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:738) ~[spring-webmvc-4.3.7.RELEASE.jar:4.3.7.RELEASE]
    at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85) ~[spring-webmvc-4.3.7.RELEASE.jar:4.3.7.RELEASE]
    at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:963) ~[spring-webmvc-4.3.7.RELEASE.jar:4.3.7.RELEASE]
    at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:897) ~[spring-webmvc-4.3.7.RELEASE.jar:4.3.7.RELEASE]
    at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) ~[spring-webmvc-4.3.7.RELEASE.jar:4.3.7.RELEASE]
    at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861) ~[spring-webmvc-4.3.7.RELEASE.jar:4.3.7.RELEASE]

The issue seems to be in AuthenticationPrincipalArgumentResolver

                if (principal != null
                && !parameter.getParameterType().isAssignableFrom(principal.getClass())) {

            if (authPrincipal.errorOnInvalidType()) {
                throw new ClassCastException(principal + " is not assignable to "
                        + parameter.getParameterType());
            }
            else {
                return null;
            }
        }

parameter.getParameterType().isAssignableFrom(principal.getClass()) is false when * parameter.getParameterType() is long * principal.getClass() is java.lang.Long

Comment From: eleftherias

Duplicate of gh-10172