Skip to content

MCP server: Authentication lost in tool execution #2506

Open
@GregoireW

Description

@GregoireW

Bug description

I'm in a situation where I have authentication with OIDC (so an access token basically).

When I set authentication required on the /sse and /mcp/** endpoint, then the client side only connect when I provide the correct access token. This is ok.

Even when the client send a call to a tool, the authentication is needed, but inside the executed code, I cannot access the authentication.

SecurityContextHolder.getContext().getAuthentication() and ReactiveSecurityContextHolder.getContext() return null.

Long story short, I cannot control data ownership so this is bad, and my MCP server also execute some api call that need to be authenticated, and I use the oauth2ClientRequestInterceptor to do token exchange so this also fail. ( the MCP core even with SYNC option goes through reactive code and the original servlet thread is put on hold, giving the execution to a 'boundedElactic' thread )

Environment

Spring MVC ( springboot 3.4 )
Spring AI 1.0.0-M6 ( spring-ai-mcp-server-webmvc-spring-boot-starter )
spring-boot-starter-oauth2-resource-server (for oauth2 authentication )

Steps to reproduce

Enable authentication on an application, create a Tool that just return the authenticated user.

Expected behavior

I expect to be able to find the security context when a tool is called from MCP

Minimal Complete Reproducible example

Enable authentication on a springboot with MCP server activated,
Create a Tool

@Tool(description="Get your name")
    public String getYourName() {
        return SecurityContextHolder.getContext().getAuthentication().getName();
    }

call the tool. It should answer your sub and not null.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions