Announcement Announcement Module
Collapse
No announcement yet.
DI of Authentication object Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • DI of Authentication object

    Hi,

    Currently the mechanism for accessing the authentication object as described in the users guide is the following:

    Code:
    Object obj = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
    
    if (obj instanceof UserDetails) {
      String username = ((UserDetails)obj).getUsername();
    } else {
      String username = obj.toString();
    }
    This is contrary to the hollywood principle.

    I think that by using custom bean scopes in Spring 2.0 it would be possible to DI an authentication object into any bean and avoid the evil Singleton pattern.

    What do you guys think? Has this been discussed before?

    Regards,

  • #2
    Interesting idea. Thead, Request, Session scope I can see where you are going with this. You could use the Authentication as a scoped proxy but I'm not sure all this seems right. I think the current method of doing it seems appropriate for the nature of the problem, IMHO.
    http://acegisecurity.org/multiprojec...extHolder.html

    Comment

    Working...
    X