Implementing SecurityService without ThreadLocal to use with Kotlin coroutine

Asked Jul 14 '21 at 16:47

Active Jul 14 '21 at 22:40

Viewed 152 times

Somewhat related to this:

We are trying to inject a SecurityService bean so that I can access the authentication object outside of a controller. Unfortunately, like the previous RequestScope implementation, the DefaultSecurityService implementation of getAuthentication relies on the ServerRequestContext.currentRequest() which is using ThreadLocal:

@Override
public Optional<Authentication> getAuthentication() {
    return ServerRequestContext.currentRequest()
            .flatMap(request -> request.getUserPrincipal(Authentication.class));
}

And since we're also using Kotlin coroutines, we want to find a way of implementing getAuthentication without ThreadLocal. Any suggestions on how we can go about doing that?

edited Jul 14 '21 at 22:40

asked Jul 14 '21 at 16:47

Chan Rao

1

[What about `CoroutineContext`](https://stackoverflow.com/a/46227463/10871900)? – dan1st Jul 14 '21 at 16:53
@dan1st If I understand correctly, both [CoroutineContext](https://stackoverflow.com/questions/46227462/how-to-use-code-that-relies-on-threadlocal-with-kotlin-coroutines/46227463#46227463) and the [official support for ThreadLocal in coroutines](https://kotlinlang.org/docs/coroutine-context-and-dispatchers.html#thread-local-data) requires us to specify an initial value? – Chan Rao Jul 14 '21 at 19:27

Implementing SecurityService without ThreadLocal to use with Kotlin coroutine

0 Answers0