I
Irfan
Guest
HybridRealm class only gets executed by OERealmAuthProvider class from Spring and this is an internal appserver call. So for this call, it should not have any WEB-CONTEXT related information AFAIK. For a use-case where you wanted to pass headers instead of user-id you go for CustomAuthoriization. It will allow you to pass header information like 'Authorization' in the Custom Authorization class( a flavor of HybridRealm).
Continue reading...
Continue reading...