NonSerializableSecurityContext), so there's no need to use this mechanism.
@Deprecated public interface InvalidatableUserDetails extends org.acegisecurity.userdetails.UserDetails
UserDetailsthat can mark
Tomcat persists sessions by using Java serialization (and
that includes the security token created by Acegi, which includes this object)
and when that happens, the next time the server comes back
it will try to deserialize
SecurityContext that Acegi
HttpSession (which transitively includes
that can be implemented by Hudson.
UserDetails implementation can override the
method and return false, so that such
SecurityContext will be
dropped before the rest of Acegi sees it.
|Modifier and Type||Method and Description|
Copyright © 2004–2020. All rights reserved.