org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code; Error when using a custom Audit Resolver.

[hasanmk52]

I am using the grails-audit-pluggin verion 4.0.1 in my grails 4 application with grails shiro 4.3 plugin and getting below Error:

2020-11-28 17:06:25.988 [restartedMain] ERROR g.p.o.auditable.AuditLogListener - Error creating audit log for event PreUpdate and domain ADMIN
org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton.  This is an invalid application configuration.
    at org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUtils.java:123)
    at org.apache.shiro.subject.Subject$Builder.<init>(Subject.java:626)
    at org.apache.shiro.SecurityUtils.getSubject(SecurityUtils.java:56)
    at org.apache.shiro.SecurityUtils$getSubject.call(Unknown Source)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:47)
    at org.codehaus.groovy.runtime.callsite.StaticMetaMethodSite.call(StaticMetaMethodSite.java:94)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:119)
    at com.mhz.tascr.shiro.ShiroAuditResolver.getCurrentActor(ShiroAuditResolver.groovy:11)
    at grails.plugins.orm.auditable.Auditable$Trait$Helper.getLogCurrentUserName(Auditable.groovy:111)
    at grails.plugins.orm.auditable.Auditable$Trait$Helper$getLogCurrentUserName$8.call(Unknown Source)
    at com.mhz.tascr.shiro.Role.getLogCurrentUserName(Role.groovy)
    at grails.plugins.orm.auditable.AuditLogListener$_logChanges_closure3$_closure4.doCall(AuditLogListener.groovy:216)
    at sun.reflect.GeneratedMethodAccessor266.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:101)
    at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:323)
    at org.codehaus.groovy.runtime.metaclass.ClosureMetaClass.invokeMethod(ClosureMetaClass.java:263)
    at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1041)
    at groovy.lang.Closure.call(Closure.java:405)
    at groovy.lang.Closure.call(Closure.java:421)
    at org.codehaus.groovy.runtime.DefaultGroovyMethods.each(DefaultGroovyMethods.java:2296)
    at org.codehaus.groovy.runtime.DefaultGroovyMethods.each(DefaultGroovyMethods.java:2281)
    at org.codehaus.groovy.runtime.DefaultGroovyMethods.each(DefaultGroovyMethods.java:2334)
    at grails.plugins.orm.auditable.AuditLogListener$_logChanges_closure3.doCall(AuditLogListener.groovy:200)
    at grails.plugins.orm.auditable.AuditLogListener$_logChanges_closure3.call(AuditLogListener.groovy)
    at grails.gorm.transactions.GrailsTransactionTemplate$2.doInTransaction(GrailsTransactionTemplate.groovy:94)
    at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:140)
    at grails.gorm.transactions.GrailsTransactionTemplate.execute(GrailsTransactionTemplate.groovy:91)
    at org.grails.datastore.gorm.GormStaticApi.withTransaction(GormStaticApi.groovy:1014)
    at org.grails.datastore.gorm.GormStaticApi.withTransaction(GormStaticApi.groovy:966)

I have created the ShiroAuditResolver class in src/main/groovy folder.

@Component('auditRequestResolver')
class ShiroAuditResolver extends DefaultAuditRequestResolver {
    @Override
    String getCurrentActor() {
        SecurityUtils.getSubject()?.getPrincipal()
    }
}

and registered in resources.groovy:

// Place your Spring DSL code here
beans = {
    auditRequestResolver(ShiroAuditResolver) { }
}

Now in the getCurrentActor() if instead of SecurityUtils.getSubject()?.getPrincipal() if I replace with a hard coded String it doesn't give me any error. Please suggest if there is anything wrong here.

[felixscheinost]

Can you provide an example project that reproduces the problem?