Skip to content

SEC-2726: Add a getStrategyName method to SecurityContextHolder #2951

Open
Open
SEC-2726: Add a getStrategyName method to SecurityContextHolder#2951
Labels
in: coreAn issue in spring-security-coretype: enhancementA general enhancementtype: jiraAn issue that was migrated from JIRA
@spring-projects-issues

Description

@spring-projects-issues
spring-projects-issues
opened on Sep 26, 2014

Magnus Hovén (Migrated from SEC-2726) said:

I have a client API that is used both by a desktop application and a web service. The strategy used by the SecurityContextHolder differs depending on if it is run as a web service (MODE_THREADLOCAL) or as a desktop application (MODE_GLOBAL). I have a case where a thread pool is used and for these threads I want to clear the context if it is a web service (for security reasons), but I can't do that for the desktop application since it would clear the context for all threads because of the global mode. In my case it would be very practical if I could call SecurityContextHolder.getStrategyName() to retrieve the strategy used and then I can choose to clear the context or not depending on what strategy that is used. Since the strategy is set in xml configuration file and since it also can be changed at run time, I think it would be much more cumbersome to try to retrieve the value in some other way.

So my suggestion is to add a getStrategyName method to SecurityContextHolder.

Metadata

Metadata

Assignees

No one assigned

    Labels

    in: coreAn issue in spring-security-coretype: enhancementA general enhancementtype: jiraAn issue that was migrated from JIRA

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions