From e98e9bc86b6bc87bf042d8a4981f0c848482adac Mon Sep 17 00:00:00 2001 From: Roy Golan Date: Wed, 7 Jun 2023 15:21:13 +0300 Subject: [PATCH] Propagte security context to threads created by spring Motivation All flow and task execution are async (@Async) and All of them are lacking the security context. This means sending notification or any other action that needs this info is lacking it. Modification Configure the context strategy on bootup time so every thread that spring creates will inherit the security context. Result Sending notifications using the Notifier interface doesn't need any user information Gaps Workflows that are continued upon server restart are probably missing this information and we need to probably fetch the user info from the DB and rebuild the security context. Signed-off-by: Roy Golan --- .../parodos/workflow/registry/BeanWorkFlowRegistryImpl.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/workflow-service/src/main/java/com/redhat/parodos/workflow/registry/BeanWorkFlowRegistryImpl.java b/workflow-service/src/main/java/com/redhat/parodos/workflow/registry/BeanWorkFlowRegistryImpl.java index 6cc507a3e..63f5dcf49 100644 --- a/workflow-service/src/main/java/com/redhat/parodos/workflow/registry/BeanWorkFlowRegistryImpl.java +++ b/workflow-service/src/main/java/com/redhat/parodos/workflow/registry/BeanWorkFlowRegistryImpl.java @@ -47,6 +47,7 @@ import org.springframework.core.annotation.AnnotationAttributes; import org.springframework.core.type.AnnotatedTypeMetadata; import org.springframework.data.util.Pair; +import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.stereotype.Component; /** @@ -95,6 +96,7 @@ public BeanWorkFlowRegistryImpl(ConfigurableListableBeanFactory beanFactory, Map @PostConstruct void postInit() { + SecurityContextHolder.setStrategyName(SecurityContextHolder.MODE_INHERITABLETHREADLOCAL); workFlowDefinitionService.cleanAllDefinitionMappings(); saveWorkFlow(); saveChecker();