SecurityContextHolder.getContext().getAuthenticati on() returning mutiple User
Hi everybody,
I use a simple method for returning the current user.
If i deploy and run locally everything works fine. I call the method over a remote service with adobe flex. The method delivers always the right user and null if i am not logged in.Code:public static UserDetails currentUserDetails() { SecurityContext securityContext = SecurityContextHolder.getContext(); Authentication authentication = securityContext.getAuthentication(); if (authentication != null) { Object principal = authentication.getPrincipal(); return (principal instanceof UserDetails) ? (UserDetails) principal : null; } return null; }
But when I deploy it on our development server, every call of this service returns a different userobject, even when I am not logged in.
How is this possible? I thought the security context is stored thread local in the session?
Thanks in advance!
Daniel
