Register
Help
Remember Me?

Results 1 to 2 of 2

Thread: repeated authentication of Authentication object

Thread Tools
- Show Printable Version
- Subscribe to this Thread…
Display
- Switch to Linear Mode
- Switch to Hybrid Mode
- Threaded Mode

Threaded View

Oct 13th, 2004, 08:44 AM #1
cjack

View Profile

View Forum Posts

Private Message

Junior Member
Join Date

Oct 2004

Posts

1
repeated authentication of Authentication object

This is my understanding of the SecurityInterceptor mechanics:
For each request a Authentication object is retrieved from the SecureContext. The Authentication object gets authenticated and the authenticated Authentication object gets placed back in the SecureContext.

Question: Why is it necessary to (re)authenticate a Authentication object even if it has already been authenticated in a previous request? Specifically are there any security concerns regarding this procedure or could the (re)authentication also be avoided by simply reusing an authenticated Authentication object?

Thanks for your patience
Chris

Quick Navigation Security Top

Site Areas
Settings
Private Messages
Subscriptions
Who's Online
Search Forums
Forums Home
Forums
Spring Projects
1. Announcements
2. Container
3. AOP
4. Data
  1. Hadoop
  2. NoSQL
  3. GemFire
  4. LDAP
5. Security
  1. OAuth
  2. SAML
6. Web
  1. Web Flow
  2. Flex
  3. Social
  4. Mobile
  5. Greenhouse
7. Web Services
8. Integration
9. Batch
10. Management
  1. Spring Insight Bounty Program
  2. Insight
11. SpringSource Tool Suite
12. Roo
13. Android
14. Scala
Other Spring Related
1. Shell
2. Remoting
3. EJB
4. Swing
5. Architecture
6. Grails
7. Meta
8. Champions
  1. Grails
  2. Groovy
  3. Spring
9. User Groups
SpringSource tc Server
1. tc Server Announcements
2. tc Server General
SpringSource Cloud Foundry
1. Cloud Foundry Announcements
2. Cloud Foundry General
Spring Extensions
OSGi Related
Attic

« Previous Thread | Next Thread »

Similar Threads

Problem: SecureContextImpl reused in subsequent session

By jgraves in forum Security

Replies: 2
Last Post: Oct 13th, 2005, 02:47 PM
Domain Models and Validation – An Architectural Discussion

By leask in forum Swing

Replies: 2
Last Post: Oct 10th, 2005, 05:12 PM
Spring container fails with no exception

By naor in forum Container

Replies: 9
Last Post: Oct 1st, 2005, 03:39 PM
Loosing my SecureContext

By sklakken in forum Security

Replies: 3
Last Post: Jul 21st, 2005, 01:44 PM
Method call why not be intercepted by MethodSecurityIntercep

By aaron8tang in forum Security

Replies: 8
Last Post: Dec 7th, 2004, 06:13 PM

Posting Permissions

You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
[VIDEO] code is On
HTML code is Off

All times are GMT -5. The time now is 09:26 PM.

Powered by vBulletin® Version 4.2.1
Copyright © 2013 vBulletin Solutions, Inc. All rights reserved.