Add a section to the Introduction part of the docs about Reactive vs. Servlet security. This section should explain to users what are the fundamental differences between security in a reactive world and a servlet world. topics to touch on in the section are.
- Thread locals variables, how spring security uses them.
- Architecture assumptions spring security made that were no longer true in a reactive world and how did spring security adapt to the reactive requirements
- Background that users should know about how reactive applications execute code, such as schedulers in reactor ... etc.
- Does the reactive security support only apply to project reactor or can it be used with other reactive frameworks like RxJava
- Is there feature parity between reactive and servlet features of spring security, what the things that can't be done in reactive world or a servlet world.
Comment From: rwinch
We could potentially do WebFlux vs Servlet, but Reactive vs Servlet is not really a good comparison since, for example, RSocket is only supported on the Reactive side and has no "Servlet" comparison
Comment From: spring-projects-issues
If you would like us to look at this issue, please provide the requested information. If the information is not provided within the next 7 days this issue will be closed.
Comment From: asaikali
I have updated the title of the issue to be WebFlux vs. Servlet. In the ticket above Reactive and WebFlux were being used interchangeably.