Results 1 to 2 of 2

Thread: DI of Authentication object

  1. Jan 12th, 2007, 09:46 AM #1
    carango
    carango is offline Junior Member
    Join Date
    Dec 2006
    Location
    Bogotá, Colombia
    Posts
    13

    Default DI of Authentication object

    Hi,

    Currently the mechanism for accessing the authentication object as described in the users guide is the following:

    Code:
    Object obj = SecurityContextHolder.getContext().getAuthentication().getPrincipal();

if (obj instanceof UserDetails) {
  String username = ((UserDetails)obj).getUsername();
} else {
  String username = obj.toString();
}
    This is contrary to the hollywood principle.

    I think that by using custom bean scopes in Spring 2.0 it would be possible to DI an authentication object into any bean and avoid the evil Singleton pattern.

    What do you guys think? Has this been discussed before?

    Regards,
    C.A.
  2. Feb 26th, 2007, 01:47 PM #2
    karldmoore
    karldmoore is offline Senior Member
    Join Date
    Sep 2006
    Location
    UK
    Posts
    8,425

    Default

    Interesting idea. Thead, Request, Session scope I can see where you are going with this. You could use the Authentication as a scoped proxy but I'm not sure all this seems right. I think the current method of doing it seems appropriate for the nature of the problem, IMHO.
    http://acegisecurity.org/multiprojec...extHolder.html
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules