Hidden Flaw in Audit Logging w/ Hibernate Interceptor & ACEGI

Posted on 10 CommentsPosted in Java, Technology Center

Hidden Flaw in Audit Logging w/ Hibernate Interceptor & ACEGI

We’ve recently came across a fatal problem in our audit logging facility where Acegi returns a different user other than the actual user. It’s a little hard to replicate because it happens only when multiple users are accessing the system. In summary, audit logs were associated to other users because Acegi SecurityContextHolder is returning incorrect…

read more...

READ this BEFORE you start working on ACEGI

Posted on 8 CommentsPosted in Java, Technology Center

I’ve seen several implementations of ACEGI on enterprise applications. However, I’ve never setup one myself until earlier today… At first, I was quite frustrated with the spring configuration as none seems to work. After looking at several articles online, I get more frustrated as everyone talks about different syntax. So, I’ve thought of writing down read more…

read more...