/** * Tries to authenticate from cache if a key can be derived and the {@link Authentication} * object is not in the cache, the key will be returned. * * <p>A not <code>null</code> return value indicates a missing cache entry * * @param filter * @param request */ protected String authenticateFromCache( AuthenticationCachingFilter filter, HttpServletRequest request) { Authentication authFromCache = null; String cacheKey = null; if (SecurityContextHolder.getContext().getAuthentication() == null) { cacheKey = filter.getCacheKey(request); if (cacheKey != null) { authFromCache = getSecurityManager().getAuthenticationCache().get(getName(), cacheKey); if (authFromCache != null) SecurityContextHolder.getContext().setAuthentication(authFromCache); else return cacheKey; } } return null; }