java.lang.Object | |
↳ | org.springframework.security.core.context.SecurityContextHolder |
Associates a given SecurityContext
with the current execution thread.
This class provides a series of static methods that delegate to an instance of
SecurityContextHolderStrategy
. The purpose of the class is to provide a
convenient way to specify the strategy that should be used for a given JVM.
This is a JVM-wide setting, since everything in this class is static
to facilitate ease of use in
calling code.
To specify which strategy should be used, you must provide a mode setting. A mode setting is one of the
three valid MODE_
settings defined as static final
fields, or a fully qualified classname
to a concrete implementation of SecurityContextHolderStrategy
that
provides a public no-argument constructor.
There are two ways to specify the desired strategy mode String
. The first is to specify it via
the system property keyed on SYSTEM_PROPERTY
. The second is to call setStrategyName(String)
before using the class. If neither approach is used, the class will default to using MODE_THREADLOCAL
,
which is backwards compatible, has fewer JVM incompatibilities and is appropriate on servers (whereas MODE_GLOBAL
is definitely inappropriate for server use).
Constants | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
String | MODE_GLOBAL | ||||||||||
String | MODE_INHERITABLETHREADLOCAL | ||||||||||
String | MODE_THREADLOCAL | ||||||||||
String | SYSTEM_PROPERTY |
Public Constructors | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Public Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Explicitly clears the context value from the current thread.
| |||||||||||
Delegates the creation of a new, empty context to the configured strategy.
| |||||||||||
Obtain the current
SecurityContext . | |||||||||||
Allows retrieval of the context strategy.
| |||||||||||
Primarily for troubleshooting purposes, this method shows how many times the class has re-initialized its
SecurityContextHolderStrategy . | |||||||||||
Associates a new
SecurityContext with the current thread of execution. | |||||||||||
Changes the preferred strategy.
| |||||||||||
[Expand]
Inherited Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
From class
java.lang.Object
|
Explicitly clears the context value from the current thread.
Delegates the creation of a new, empty context to the configured strategy.
Obtain the current SecurityContext
.
null
)
Allows retrieval of the context strategy. See SEC-1188.
Primarily for troubleshooting purposes, this method shows how many times the class has re-initialized its
SecurityContextHolderStrategy
.
setStrategyName(String)
to switch to an alternate
strategy.
Associates a new SecurityContext
with the current thread of execution.
context | the new SecurityContext (may not be null )
|
---|
Changes the preferred strategy. Do NOT call this method more than once for a given JVM, as it will re-initialize the strategy and adversely affect any existing threads using the old strategy.
strategyName | the fully qualified class name of the strategy that should be used. |
---|