You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In our spring-security configuration we have this:
http.securityContext(
customizer ->
// store the security context as request attribute and not session
customizer.securityContextRepository(
new RequestAttributeSecurityContextRepository()))
However VaadinAwareSecurityContextHolderStrategy attempts to fetch the SecurityContext from the session first and falls back to a self managed ThreadLocal storage. Should it not just assume that, if a RequestAttributeSecurityContextRepository is configured, it can fetch it from there instead ?
The text was updated successfully, but these errors were encountered:
In our spring-security configuration we have this:
However VaadinAwareSecurityContextHolderStrategy attempts to fetch the SecurityContext from the session first and falls back to a self managed ThreadLocal storage. Should it not just assume that, if a
RequestAttributeSecurityContextRepository
is configured, it can fetch it from there instead ?The text was updated successfully, but these errors were encountered: