问题描述
我在服务中使用了异步方法(Spring 3 @Async注释).而且我有一个问题-产生的线程没有安全上下文.原因是Spring Security默认为其上下文持有者使用SecurityContextHolder.MODE_THREADLOCAL策略.但是我需要使用SecurityContextHolder.MODE_INHERITABLETHREADLOCAL策略.目前,我在 AuthenticationSuccessHandler 中设置了策略.但是我认为这不是一个好习惯.
I'm using asynchronous methods in my service (Spring 3 @Async annotation). And I've got a problem - spawned thread doesn't have security context. Cause of it is Spring Security by default uses SecurityContextHolder.MODE_THREADLOCAL strategy for its context holder. But I need to use SecurityContextHolder.MODE_INHERITABLETHREADLOCAL strategy.For the moment I set up strategy in my AuthenticationSuccessHandler. But in my point of view it's not a good practice.
那么如何在上下文配置文件中进行设置?
Spring Security的版本是3.0.0.
So how can I set it up in context configuration file?
Version of spring security is 3.0.0.
推荐答案
您可以将环境变量spring.security.strategy设置为MODE_INHERITABLETHREADLOCAL.您还可以使用一个简单的bean,在Web应用程序启动期间调用SecurityContextHolder.setStrategyName(SecurityContextHolder.MODE_INHERITABLETHREADLOCAL)并在上下文配置文件中初始化该值.
You can set the environment variable spring.security.strategy to MODE_INHERITABLETHREADLOCAL. You could also have a simple bean that during your web applications startup calls SecurityContextHolder.setStrategyName(SecurityContextHolder.MODE_INHERITABLETHREADLOCAL) and initialize that value in your context configuration file.
这篇关于如何设置Spring Security SecurityContextHolder策略?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!