We are using Spring WebFlux for our reactive Spring Boot application. We have successfully implemented authentication, thanks to which we can obtain an authenticated user using the ReactiveSecurityContextHolder class in REST API calls.
I have a method which publishes an event using the ApplicationEventPublisher instance. This method is called from a REST endpoint requiring user authentication, during which the authenticated user is available.
I also have an event listener marked with @Async and @EventListener annotations, in which I would like to retrieve the authenticated user from the original service call.
For servlet applications, I noticed I could use the DelegatingSecurityContextAsyncTaskExecutor, but this unfortunately does not work for reactive applications.
Can the security context propagation be achieved in a reactive stack?