Spring Security Context

Post author:anis kchaou
Post published:October 18, 2025
Post category:Uncategorized
Post comments:0 Comments
Post last modified:October 18, 2025

Spring Security Context
The SecurityContext in Spring Security holds the authentication and security-related details (like the logged-in user, roles, etc.) for the current thread of execution. It’s stored in a ThreadLocal, so each request has its own context.

Example:

import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;

@RestController
public class UserController {

    @GetMapping("/me")
    public String getCurrentUser() {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        return "Logged in as: " + auth.getName();
    }
}

import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;

@RestController
public class UserController {

    @GetMapping("/me")
    public String getCurrentUser() {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        return "Logged in as: " + auth.getName();
    }
}

✅ Key Point:
SecurityContextHolder → SecurityContext → Authentication → Principal (UserDetails)

You Might Also Like

Domain-Driven Design

Okta in Spring Boot

OpenAPI integration with Spring Boot

Quartz in Spring Boot

Adding Interceptors to WebClient in Spring Boot

Leave a Reply Cancel reply