SEC-291: Avoid unnecessary creation of SecurityContextHolderStrategy.

2006-06-01 14:02:56 +00:00 · 2006-06-01 14:02:56 +00:00 · f7020755be
parent da780e4567
commit f7020755be
2 changed files with 28 additions and 18 deletions
--- a/core/src/main/java/org/acegisecurity/context/SecurityContextHolder.java
+++ b/core/src/main/java/org/acegisecurity/context/SecurityContextHolder.java
@ -30,11 +30,11 @@ import java.lang.reflect.Constructor;
 * three valid <code>MODE_</code> settings defined as <code>static final</code> fields, or a fully qualified classname
 * to a concrete implementation of {@link org.acegisecurity.context.SecurityContextHolderStrategy} that provides a
 * public no-argument constructor.</p>
- *  <p>There are two ways to specify the desired mode <code>String</code>. The first is to specify it via the
- * system property keyed on {@link #SYSTEM_PROPERTY}. The second is to call {@link #setStrategyName(String)} before
- * using the class. If neither approach is used, the class will default to using {@link #MODE_THREADLOCAL}, which is
- * backwards compatible, has fewer JVM incompatibilities and is appropriate on servers (whereas {@link #MODE_GLOBAL}
- * is not).</p>
+ *  <p>There are two ways to specify the desired strategy mode <code>String</code>. The first is to specify it via
+ * the system property keyed on {@link #SYSTEM_PROPERTY}. The second is to call {@link #setStrategyName(String)}
+ * before using the class. If neither approach is used, the class will default to using {@link #MODE_THREADLOCAL},
+ * which is backwards compatible, has fewer JVM incompatibilities and is appropriate on servers (whereas {@link
+ * #MODE_GLOBAL} is definitely inappropriate for server use).</p>
 *
 * @author Ben Alex
 * @version $Id$
@ -49,8 +49,12 @@ public class SecurityContextHolder {
    public static final String MODE_GLOBAL = "MODE_GLOBAL";
    public static final String SYSTEM_PROPERTY = "acegi.security.strategy";
    private static String strategyName = System.getProperty(SYSTEM_PROPERTY);
-    private static Constructor customStrategy;
    private static SecurityContextHolderStrategy strategy;
+    private static int initializeCount = 0;
+
+    static {
+        initialize();
+    }

    //~ Methods ========================================================================================================

@ -58,7 +62,6 @@ public class SecurityContextHolder {
     * Explicitly clears the context value from the current thread.
     */
    public static void clearContext() {
-        initialize();
        strategy.clearContext();
    }

@ -68,11 +71,20 @@ public class SecurityContextHolder {
     * @return the security context (never <code>null</code>)
     */
    public static SecurityContext getContext() {
-        initialize();
-
        return strategy.getContext();
    }

+    /**
+     * Primarily for troubleshooting purposes, this method shows how many times the class has reinitialized its
+     * <code>SecurityContextHolderStrategy</code>.
+     *
+     * @return the count (should be one unless you've called {@link #setStrategyName(String)} to switch to an alternate
+     *         strategy.
+     */
+    public static int getInitializeCount() {
+        return initializeCount;
+    }
+
    private static void initialize() {
        if ((strategyName == null) || "".equals(strategyName)) {
            // Set default
@ -88,16 +100,15 @@ public class SecurityContextHolder {
        } else {
            // Try to load a custom strategy
            try {
-                if (customStrategy == null) {
-                    Class clazz = Class.forName(strategyName);
-                    customStrategy = clazz.getConstructor(new Class[] {});
-                }
-
+                Class clazz = Class.forName(strategyName);
+                Constructor customStrategy = clazz.getConstructor(new Class[] {});
                strategy = (SecurityContextHolderStrategy) customStrategy.newInstance(new Object[] {});
            } catch (Exception ex) {
                ReflectionUtils.handleReflectionException(ex);
            }
        }
+
+        initializeCount++;
    }

    /**
@ -106,7 +117,6 @@ public class SecurityContextHolder {
     * @param context the new <code>SecurityContext</code> (may not be <code>null</code>)
     */
    public static void setContext(SecurityContext context) {
-        initialize();
        strategy.setContext(context);
    }

@ -122,6 +132,6 @@ public class SecurityContextHolder {
    }

    public String toString() {
-        return "SecurityContextHolder[strategy='" + strategyName + "']";
+        return "SecurityContextHolder[strategy='" + strategyName + "'; initializeCount=" + initializeCount + "]";
    }
 }
--- a/core/src/test/java/org/acegisecurity/context/SecurityContextHolderTests.java
+++ b/core/src/test/java/org/acegisecurity/context/SecurityContextHolderTests.java
@ -240,8 +240,8 @@ public class SecurityContextHolderTests extends TestCase {

    public void testSynchronizationCustomStrategyLoading() {
        SecurityContextHolder.setStrategyName(InheritableThreadLocalSecurityContextHolderStrategy.class.getName());
-        assertEquals("SecurityContextHolder[strategy='org.acegisecurity.context.InheritableThreadLocalSecurityContextHolderStrategy']",
-            new SecurityContextHolder().toString());
+        assertTrue(new SecurityContextHolder().toString()
+                                              .lastIndexOf("SecurityContextHolder[strategy='org.acegisecurity.context.InheritableThreadLocalSecurityContextHolderStrategy'") != -1);
        loadStartAndWaitForThreads(true, "Main_", 10, false, true);
        assertEquals("Thread errors detected; review log output for details", 0, errors);
    }