Menu
I have an application that relies on the authentication bound to the request thread (e.g. when calling external REST services the identity is sticked into an outgoing HTTP header transparently by a request interceptor on the RestTemplate).
I am in the process of learning and applying reactive patterns in this application using Project Reactor and started with making my REST api calls reactive. These are using the Schedulers.elastic() pool and lead to loosing the Spring Security Context. Even if I switched to using the InheritableThreadLocal context holder strategy the elastic pool would mix things up.
I am seeking for advice from people who have more experience in this topic about the best and most transparent pattern I could apply in this case. I did not manage to find any really appealing solution for this problem yet.
Is there any extension to Reactor or Spring Security that addresses this inconvenience? Is there any extension point in Project Reactor that I could leverage?
242
Reactive Support is the big theme for Spring Security 5. The first milestone has been released not that long ago.
52
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
