VaadinService.getCurrent() is null in AuthenticationProvider

In my project authentication is done through a POST to a rest API, which takes some extra data in addition to username and password. These additional datas are retrieved through a “pre-login” process to the rest API and are stored as cookies.

I get a NPE on “VaadinService.getCurrent()” during the login process. The login starts with a click on a “LoginForm” and dies when trying to get cookies through the current VaadinService.

And I want to point out that getting and setting cookies works perfectly fine in the pre-login process described earlier - it’s first during the login process in where something goes wrong.

These are the classes I use for my login (mostly copy-pasted from Vaadin/Spring tutorials):

LoginView class with a LoginForm
AuthenticationService builds a login POST call to the rest API using a restTemplate
CustomAuthenticationProvider (AuthenticationProvider) class basically just use the AuthenticationService to do the login
SecurityConfig class that configures HttpSecurity including setting the AuthenticationProvider
RestClientService that handles the pre-login process

The NPE occurs in the CustomAuthenticationProvider → AuthenticationService where I’m trying to get the cookies to build the POST.

I’m somewhere in the range between new-to-rusty when it comes to Vaadin, Spring and webdev. Is my approach wrong? Why is “VaadinService.getCurrent()” null in the “AuthenticationProvider” context, but not in the RestClientService context?

I’m happy to provide detailed code if needed.

VaadinService is a Vaadin class; it should not be used in a rest controller or other stateless things not related to Vaadin. There is 110% a better solution based on Spring for your problem