Hidden Flaw in Audit Logging w/ Hibernate Interceptor & ACEGI

We’ve recently came across a fatal problem in our audit logging facility where Acegi returns a different user other than the actual user. It’s a little hard to replicate because it happens only when multiple users are accessing the system. In summary, audit logs were associated to other users because Acegi SecurityContextHolder is returning incorrect…


READ this BEFORE you start working on ACEGI

May 2007 Blogged by Allan Tan

I’ve seen several implementations of ACEGI on enterprise applications. However, I’ve never setup one myself until earlier today… At first, I was quite frustrated with the spring configuration as none seems to work. After looking at several articles online, I get more frustrated as everyone talks about different syntax. So, I’ve thought of writing down […]


Contact Us