This week's book giveaways are in the Java EE and JavaScript forums.
We're giving away four copies each of The Java EE 7 Tutorial Volume 1 or Volume 2(winners choice) and jQuery UI in Action and have the authors on-line!
See this thread and this one for details.
The moose likes Spring and the fly likes Spring SecurityContext in Clustered Environment Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "Spring SecurityContext in Clustered Environment" Watch "Spring SecurityContext in Clustered Environment" New topic
Author

Spring SecurityContext in Clustered Environment

Baskar Sikkayan
Greenhorn

Joined: Oct 06, 2011
Posts: 16
Hi,
We use Spring security 3 in our Application and we get current user details as follows.

public static SessionUser currentUserDetails() {
SecurityContext securityContext = SecurityContextHolder.getContext();
Authentication authentication = securityContext.getAuthentication();
if (authentication != null) {
Object principal = authentication.getPrincipal();
return principal instanceof UserDetails ? (SessionUser) principal
: null;
}
return null;
}

Now, we are planning to move this App to a clustered environment. Will there be any code change?
We are wondering if there is any change in the code for clustered environment?

Any help on this will be appreciated?

Thanks,
Baskar.S
Bill Gorder
Bartender

Joined: Mar 07, 2010
Posts: 1648
    
    7

Please Use Code Tags

The SecurityContext and its assoicated Authentication is stored in the session, so this can work in clustered environment. Just note that setting up session replication is application server specific and not instantaneous. You will likely need to set up sticky sessions on your load balancer to help account for this as well.

I am not an expert on configuring application servers (there is always another team that handles that on my projects) but to your original question, yes your code can work just fine in a clustered environment.


[How To Ask Questions][Read before you PM me]
 
Consider Paul's rocket mass heater.
 
subject: Spring SecurityContext in Clustered Environment