1.

What do you mean by principal in Spring security?

Answer»

The principal is actually the CURRENTLY logged in user that is using the APPLICATION. Information/data about the principal (currently authenticated user) is stored in the SecurityContext of the application. As a helper class, SecurityContextHolder provides access to the security context. By default, it uses a THREADLOCAL object to store SecurityContext, so SecurityContext is always ACCESSIBLE to methods in the same thread of execution, EVEN if SecurityContext isn't passed around explicitly. 


Discussion

No Comment Found

Related InterviewSolutions