JBoss Community

Security Context Propagation

created by Anil Saldhana in PicketBox Development - View the full discussion

Discussion related to https://docs.jboss.org/author/display/SECURITY/Java+Application+Security

 

When there is a need to propagate security context, the following usecases come into my mind:

a) Thread level security context propagation.

b) Session level security context propagation.

   - Internal session maintained by PicketBox.

   - External session injected.

 

The API can look like the following:

 

SecurityContext context = //

SecurityContextPropagation.setContext(context, Level.THREAD);

SecurityContextPropagation.setContext(context, Level.SESSION);

SecurityContextPropagation.setContext(context, session, Level.SESSION);

 

 

context = SecurityContextPropagation.getContext();  //Thread level or internal session

context = SecurityContextPropagation.getContext(session);

 

Note: Session is an instance of PicketBoxSession.

Reply to this message by going to Community

Start a new discussion in PicketBox Development at Community