Menu
This must be a common issue... and I feel that after googling, and SOing I must have just not looked around thoroughly for the answer enough or that no1 has asked it... so please forgive me.
I am using Spring Security with Hibernate etc.
So a User/principal has logged in and made some changes to their profile.
I use my DAO to update the profile (UserDetails), and I want my Principal to automatically reflect this update.
However when I get the Principal again, I get the dirty version (from my initial login).
Does anyone know of how I can get Spring Security to reload from Hibernate the updated UserDetails?
907
Interface UserDetails. Provides core user information. Implementations are not used directly by Spring Security for security purposes. They simply store user information which is later encapsulated into Authentication objects.
Spring Security provides support for username and password being provided through an html form. This section provides details on how form based authentication works within Spring Security.
OK dug around and finally found the answer.
We can create a UsernamePasswordAuthenticationToken and assign the updated Principal to the context.
Authentication authentication = new UsernamePasswordAuthenticationToken(userObject, userObject.getPassword(), userObject.getAuthorities()); SecurityContextHolder.getContext().setAuthentication(authentication); See also "How to manually set an authenticated user in Spring Security / SpringMVC".
186
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With