From f7020755be458196ee6d9b3733cfb5f0553fdbcd Mon Sep 17 00:00:00 2001 From: Ben Alex Date: Thu, 1 Jun 2006 14:02:56 +0000 Subject: [PATCH] SEC-291: Avoid unnecessary creation of SecurityContextHolderStrategy. --- .../context/SecurityContextHolder.java | 42 ++++++++++++------- .../context/SecurityContextHolderTests.java | 4 +- 2 files changed, 28 insertions(+), 18 deletions(-) diff --git a/core/src/main/java/org/acegisecurity/context/SecurityContextHolder.java b/core/src/main/java/org/acegisecurity/context/SecurityContextHolder.java index 599e898bf7..abc3cabea2 100644 --- a/core/src/main/java/org/acegisecurity/context/SecurityContextHolder.java +++ b/core/src/main/java/org/acegisecurity/context/SecurityContextHolder.java @@ -30,11 +30,11 @@ import java.lang.reflect.Constructor; * three valid MODE_ settings defined as static final fields, or a fully qualified classname * to a concrete implementation of {@link org.acegisecurity.context.SecurityContextHolderStrategy} that provides a * public no-argument constructor.

- *

There are two ways to specify the desired mode String. The first is to specify it via the - * system property keyed on {@link #SYSTEM_PROPERTY}. The second is to call {@link #setStrategyName(String)} before - * using the class. If neither approach is used, the class will default to using {@link #MODE_THREADLOCAL}, which is - * backwards compatible, has fewer JVM incompatibilities and is appropriate on servers (whereas {@link #MODE_GLOBAL} - * is not).

+ *

There are two ways to specify the desired strategy mode String. The first is to specify it via + * the system property keyed on {@link #SYSTEM_PROPERTY}. The second is to call {@link #setStrategyName(String)} + * before using the class. If neither approach is used, the class will default to using {@link #MODE_THREADLOCAL}, + * which is backwards compatible, has fewer JVM incompatibilities and is appropriate on servers (whereas {@link + * #MODE_GLOBAL} is definitely inappropriate for server use).

* * @author Ben Alex * @version $Id$ @@ -49,8 +49,12 @@ public class SecurityContextHolder { public static final String MODE_GLOBAL = "MODE_GLOBAL"; public static final String SYSTEM_PROPERTY = "acegi.security.strategy"; private static String strategyName = System.getProperty(SYSTEM_PROPERTY); - private static Constructor customStrategy; private static SecurityContextHolderStrategy strategy; + private static int initializeCount = 0; + + static { + initialize(); + } //~ Methods ======================================================================================================== @@ -58,7 +62,6 @@ public class SecurityContextHolder { * Explicitly clears the context value from the current thread. */ public static void clearContext() { - initialize(); strategy.clearContext(); } @@ -68,11 +71,20 @@ public class SecurityContextHolder { * @return the security context (never null) */ public static SecurityContext getContext() { - initialize(); - return strategy.getContext(); } + /** + * Primarily for troubleshooting purposes, this method shows how many times the class has reinitialized its + * SecurityContextHolderStrategy. + * + * @return the count (should be one unless you've called {@link #setStrategyName(String)} to switch to an alternate + * strategy. + */ + public static int getInitializeCount() { + return initializeCount; + } + private static void initialize() { if ((strategyName == null) || "".equals(strategyName)) { // Set default @@ -88,16 +100,15 @@ public class SecurityContextHolder { } else { // Try to load a custom strategy try { - if (customStrategy == null) { - Class clazz = Class.forName(strategyName); - customStrategy = clazz.getConstructor(new Class[] {}); - } - + Class clazz = Class.forName(strategyName); + Constructor customStrategy = clazz.getConstructor(new Class[] {}); strategy = (SecurityContextHolderStrategy) customStrategy.newInstance(new Object[] {}); } catch (Exception ex) { ReflectionUtils.handleReflectionException(ex); } } + + initializeCount++; } /** @@ -106,7 +117,6 @@ public class SecurityContextHolder { * @param context the new SecurityContext (may not be null) */ public static void setContext(SecurityContext context) { - initialize(); strategy.setContext(context); } @@ -122,6 +132,6 @@ public class SecurityContextHolder { } public String toString() { - return "SecurityContextHolder[strategy='" + strategyName + "']"; + return "SecurityContextHolder[strategy='" + strategyName + "'; initializeCount=" + initializeCount + "]"; } } diff --git a/core/src/test/java/org/acegisecurity/context/SecurityContextHolderTests.java b/core/src/test/java/org/acegisecurity/context/SecurityContextHolderTests.java index a086ef0eb4..8178d998c5 100644 --- a/core/src/test/java/org/acegisecurity/context/SecurityContextHolderTests.java +++ b/core/src/test/java/org/acegisecurity/context/SecurityContextHolderTests.java @@ -240,8 +240,8 @@ public class SecurityContextHolderTests extends TestCase { public void testSynchronizationCustomStrategyLoading() { SecurityContextHolder.setStrategyName(InheritableThreadLocalSecurityContextHolderStrategy.class.getName()); - assertEquals("SecurityContextHolder[strategy='org.acegisecurity.context.InheritableThreadLocalSecurityContextHolderStrategy']", - new SecurityContextHolder().toString()); + assertTrue(new SecurityContextHolder().toString() + .lastIndexOf("SecurityContextHolder[strategy='org.acegisecurity.context.InheritableThreadLocalSecurityContextHolderStrategy'") != -1); loadStartAndWaitForThreads(true, "Main_", 10, false, true); assertEquals("Thread errors detected; review log output for details", 0, errors); }