如果您想要访问异步调用中的安全上下文,您可以实现上下文感知线程池执行器来存储安全上下文时创建像下面的线程。
public class CustomExecutor extends ThreadPoolTaskExecutor { @Override public <T> Future<T> submit(Callable<T> task) { return super.submit(new ScopeAwareCallable<T>(task, SecurityContextHolder.getContext())); } }
public class ScopeAwareCallable<T> implements Callable<T> {
private Callable<T> callableTask;
private SecurityContext securityContext;
public ScopeAwareCallable(Callable<T> task, SecurityContext secContex) {
this.callableTask = task;
this.securityContext = secContex;
}
@Override
public T call() throws Exception {
if(securityContext != null){
SecurityContextHolder.setContext(securityContext);
}
try {
return callableTask.call();
}
finally {
SecurityContextHolder.clearContext();
}
}
}
配置这是在Spring配置你的任务执行。如果您使用Runnable而不是Callable,则可以重写支持Runnable执行的ThreadPoolTaskExecutor中的其他方法。
请参阅http://stackoverflow.com/questions/3467918/how-to-set-up-spring-security-securitycontextholder-strategy – Ritesh