Hi Tom
Dunstan Tom wrote:
the existing upgrade notes for 0.9.0 are
plain wrong).
I have corrected this in CVS, so at the least the public web site
(acegisecurity.org) will display the correct upgrade instructions for
those moving to 0.9.0.
- I see that Oliver Hutchison sent a proposal after the code was
reverted suggesting a strategy interface which didn't get any replies; I
think that idea is also good and would allow configuration using spring
but default to InheritableThreadLocal. It needn't even be as heavy as
Oliver's solution: Simply having a static setThreadLocalImpl(ThreadLocal
tl) would do the trick, and would be reasonably guaranteed to be called
before any user iteraction if done inside a spring config file.
I have re-read Oliver's strategy proposal and believe it is probably the
most elegant at this stage. We have a feature freeze on before we get
1.0.0 out, though, so we can't change it just yet. Nevertheless, I have
added it to JIRA as SEC-152. In the meantime you'll need to copy the
contents of the SecurityContext to new threads as suggested.
On a related note, I spoke with Juergen about this at The Spring
Experience and we felt it needed more consideration as a standardised
context duplication approach also needs to also consider (a) other
ThreadLocals within Spring and (b) the interaction with task executor
implementations (such as included in Spring 2).
Best regards
Ben
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
