如何设置Spring Security SecurityContextHolder策略? [英] How to set up Spring Security SecurityContextHolder strategy?

查看:455
本文介绍了如何设置Spring Security SecurityContextHolder策略?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我在服务中使用了异步方法(Spring 3 @Async注释).而且我有一个问题-产生的线程没有安全上下文.原因是Spring Security默认为其上下文持有者使用SecurityContextHolder.MODE_THREADLOCAL策略.但是我需要使用SecurityContextHolder.MODE_INHERITABLETHREADLOCAL策略. 目前,我在 AuthenticationSuccessHandler 中设置了策略.但是我认为这不是一个好习惯.

I'm using asynchronous methods in my service (Spring 3 @Async annotation). And I've got a problem - spawned thread doesn't have security context. Cause of it is Spring Security by default uses SecurityContextHolder.MODE_THREADLOCAL strategy for its context holder. But I need to use SecurityContextHolder.MODE_INHERITABLETHREADLOCAL strategy. For the moment I set up strategy in my AuthenticationSuccessHandler. But in my point of view it's not a good practice.

那么如何在上下文配置文件中进行设置?
Spring Security的版本是3.0.0.

So how can I set it up in context configuration file?
Version of spring security is 3.0.0.

推荐答案

您可以将环境变量spring.security.strategy设置为MODE_INHERITABLETHREADLOCAL.您还可以使用一个简单的bean,在Web应用程序启动期间调用SecurityContextHolder.setStrategyName(SecurityContextHolder.MODE_INHERITABLETHREADLOCAL)并在上下文配置文件中初始化该值.

You can set the environment variable spring.security.strategy to MODE_INHERITABLETHREADLOCAL. You could also have a simple bean that during your web applications startup calls SecurityContextHolder.setStrategyName(SecurityContextHolder.MODE_INHERITABLETHREADLOCAL) and initialize that value in your context configuration file.

查看全文

相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆