blog/drawings/spring-security-cotnextholder.puml

@startuml
skinparam Shadowing false
skinparam class { 
    BackgroundColor White
}
hide empty members

package org.springframework.security.core {
    package context {
        class SecurityContextHolder {
            -{static} SecurityContextHolderStrategy strategy
            -{static} int initilizeCount
            -{static} void initilize()
            +{static} void clearContext()
            +{static} SecurityContext getContext()
            +{static} int getInitilizeCount()
            +{static} void setContext(SecurityContext context)
            +{static} void setStrategyName(String strategyName)
            +{static} SecurityContextHolderStrategy getContextHolderStrategy()
            +{static} SecurityContext createEmptyContext()
        }

        interface SecurityContextHolderStrategy {
            + void clearContext()
            + SecurityContext getContext()
            + void setContext(SecurityContext context)
            + SecurityContext createEmptyContext()
        }

        class ThreadLocalSecurityContextHolderStrategy {
            -{static} ThreadLocal<SecurityContext> contextHolder
        }

        class GlobalSecurityContextHolderStrategy {
            -{static} SecurityContext contextHolder
        }

        class InheritableThreadLocalSecurityContextHolderStrategy {
            -{static} ThreadLocal<SecurityContext> contextHolder
        }

        class ReactiveSecurityContextHolder {
            +{static} Mono<SecurityContext> getContext()
            -{static} boolean hasSecurityContext(Context context)
            -{static} Mono<SecurityContext> getSecurityContext(Context context)
            +{static} Function<Context, Context> clearContext()
            +{static} Context withSecurityContext(Mono<? extends SecurityContext> securityContext)
            +{static} Context withAuthentication(Authentication authntication)
        }

        class SecurityContext {
            + Authentication getAuthentication()
            + void setAuthentication(Authentication authentication)
        }
    }

    interface Authentication {
        + Collection<? extends GrantedAuthority> getAuthorities()
        + Object getCredentials()
        + Object getDetails()
        + Object getPrincipal()
        + boolean isAuthticated()
        + setAuthenticated(boolean isAuthenticated)
    }

    interface GrantedAuthority {
        + String getAuthority()
    }
}

package java.security {
    interface Principal {
        + String getName()
        + boolean implies(Subject subject)
    }
}

SecurityContextHolderStrategy --* SecurityContextHolder
ThreadLocalSecurityContextHolderStrategy ..|> SecurityContextHolderStrategy
GlobalSecurityContextHolderStrategy ..|> SecurityContextHolderStrategy
InheritableThreadLocalSecurityContextHolderStrategy ...|> SecurityContextHolderStrategy
SecurityContext --* SecurityContextHolderStrategy
SecurityContext -* ReactiveSecurityContextHolder
SecurityContext --* ThreadLocalSecurityContextHolderStrategy
SecurityContext --* InheritableThreadLocalSecurityContextHolderStrategy
SecurityContext --* GlobalSecurityContextHolderStrategy
Authentication --* SecurityContext
GrantedAuthority -* Authentication
Authentication -|> Principal
@enduml