• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Spring SecurityContext in Clustered Environment

 
Baskar Sikkayan
Ranch Hand
Posts: 30
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
We use Spring security 3 in our Application and we get current user details as follows.

public static SessionUser currentUserDetails() {
SecurityContext securityContext = SecurityContextHolder.getContext();
Authentication authentication = securityContext.getAuthentication();
if (authentication != null) {
Object principal = authentication.getPrincipal();
return principal instanceof UserDetails ? (SessionUser) principal
: null;
}
return null;
}

Now, we are planning to move this App to a clustered environment. Will there be any code change?
We are wondering if there is any change in the code for clustered environment?

Any help on this will be appreciated?

Thanks,
Baskar.S
 
Bill Gorder
Bartender
Posts: 1682
7
Android IntelliJ IDE Linux Mac OS X Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Please Use Code Tags

The SecurityContext and its assoicated Authentication is stored in the session, so this can work in clustered environment. Just note that setting up session replication is application server specific and not instantaneous. You will likely need to set up sticky sessions on your load balancer to help account for this as well.

I am not an expert on configuring application servers (there is always another team that handles that on my projects) but to your original question, yes your code can work just fine in a clustered environment.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic