-
Notifications
You must be signed in to change notification settings - Fork 806
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SecurityContextHolder #2
Comments
SecurityContextHolder is the most fundamental object where we store details of the present security context of the application (includes details of the principal). Spring Security uses an Authentication object to represent this information and we can query this Authentication object from anywhere in our application: Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); Pasting it from author's another detailed blog post on the same- https://bezkoder.com/spring-boot-jwt-mysql-spring-security-architecture/ |
To clarify, the reason why JWT is considered stateless is because we do not need to store the user's session in the server. Instead, the client is responsible for storing session details in the form of the jwt token. The line |
Hi May I ask what is the use of
SecurityContextHolder.getContext().setAuthentication(authentication);
in the AuthController?
I thought JWT was session-less and stateless. Thank you
The text was updated successfully, but these errors were encountered: