1.

Explain SecurityContext and SecurityContextHolder in Spring Security.

Answer»

There are two fundamental classes in Spring Security: SecurityContext and SecurityContextHolder.

  • SecurityContext: Stores information about the currently authenticated user (also known as the principal). To obtain the username or any other information about the user, you must first obtain the SecurityContext.
  • SecurityContextHolder: The easiest way to retrieve the currently authenticated principal is a static call to SecurityContextHolder. It is a helper class that provides access to the security context. By default, it uses a ThreadLocal object to store the SecurityContext, so the SecurityContext is always accessible to methods in the same thread of execution, even if it isn't passed around explicitly.
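The ThreadLocal default described above, as an added example that is not part of the original answer: the principal is readable anywhere on the thread that set it, a plain new thread sees no authentication, and a wrapped task carries the context across. The class name `SecurityContextDemo`, the helper `currentUser()` and the user "alice" are constructed for illustration; the Spring Security core library is assumed to be on the classpath.

```java
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.concurrent.DelegatingSecurityContextRunnable;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;

public class SecurityContextDemo {

    // Hypothetical helper: reads the principal's name with nothing passed in.
    static String currentUser() {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        return (auth == null) ? "<no authentication>" : auth.getName();
    }

    public static void main(String[] args) throws InterruptedException {
        // Constructed sample user; in a web application the filter chain
        // populates the context after a successful login.
        Authentication auth = new UsernamePasswordAuthenticationToken(
                "alice", "n/a", AuthorityUtils.createAuthorityList("ROLE_USER"));
        SecurityContext context = SecurityContextHolder.createEmptyContext();
        context.setAuthentication(auth);
        SecurityContextHolder.setContext(context);
        try {
            // Same thread: the ThreadLocal lookup finds the context.
            System.out.println("same thread:    " + currentUser());

            // Plain new thread: its ThreadLocal slot is empty, so an
            // authorization check made here would see no user at all.
            Thread plain = new Thread(
                    () -> System.out.println("new thread:     " + currentUser()));
            plain.start();
            plain.join();

            // Wrapped task: the context captured at construction time is
            // installed on the worker thread for the duration of run().
            Thread wrapped = new Thread(new DelegatingSecurityContextRunnable(
                    () -> System.out.println("wrapped thread: " + currentUser())));
            wrapped.start();
            wrapped.join();
        } finally {
            // Clear the slot so a pooled thread that is reused later does
            // not inherit this user's identity.
            SecurityContextHolder.clearContext();
        }
    }
}
```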

