SecurityContext accross clustered environment

[bmc88]

I've been studying the examples carefully but I have a hard time grasping about possible implementation and authentication storage accross multiple node. How would I go about doing that? Let the appserver replicate the HttpSession with the SecureContext in it or the Authentication object itself.

In other words what would be the best way to distribute my Authentication object that is in the locally bound SecureContext?

[Ben Alex]

SecureContext is an interface that can be stored in a ContextHolder, with the latter being a ThreadLocal-bound object holder.

You wouldn't replicate the SecureContext. Instead, you'd replicate the HttpSession. The HttpSessionIntegrationFilter is responsible for setting up the ContextHolder with an appropriate SecureContext (populated with an Authentication from the HttpSession) at the start of each request, and removing the ContextHolder object at the end of each request.

So, it's pretty simply. Just use the net.sf.acegisecurity.ui packages "as-is" and the HttpSession should replicate just fine without special handling. You might want to think about caching, though. Ensure you're using it and if you write something that evicts objects from the cache, consider a cluster-aware cache like SwarmCache.

[bmc88]

Thanks, for the insight, it makes sense both distribution as well as replicating the Authentication.