Announcement Announcement Module
Collapse
No announcement yet.
Swing client security context Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Swing client security context

    hi,

    i've got a problem with using spring security on a java swing client.
    there is a web server providing remote methods using
    Code:
    HttpInvokerServiceExporter
    .

    all necessary methods of the service layer on the server side are secured through
    Code:
    MethodSecurityInterceptor
    on the other side there is a rich client written with java/swing.
    accessing the exported service.

    so here it comes to my problem:

    how do i use the authentication object properly when setting it to the security context?
    i am successful with getting an authentication object from the server. but what im i supposed to do with it then?

    after calling the following within the exported service:
    Code:
    SecurityContextHolder.getContext().setAuthentication(myAuthObject);
    i can access the secured methods through my client. everything seems fine. when i start a second client (on completely another machine) everything is still fine.
    but when i close one of the clients (so i remove the authenticationObject from the security context), all other clients are not authenticated anymore too.

    Code:
    An Authentication object was not found in the SecurityContext
    so this brings me to the conclusion, that there is a single security context on the server and if i revoke the auth object, there is no remote method call possible anymore.

    if i call
    Code:
    SecurityContextHolder.getContext().setAuthentication(myAuthObject);
    directly in the client code, i immediately get the "no auth object..." exception.

    so where should i put the authentication object, so that every client has its own security context without interfering?

    i would really appreciate any help. i've tried a lot of things to get this working but without success.

    cheers, chris

  • #2
    no singe answer yet?

    hi guys!

    can really no one help me with my problem?

    is my question maybe too unclear?
    what can i improve to get answers?

    chris

    Comment

    Working...
    X