Login for another user inside application when main user already logged on

[James Equalizer]

Hello,

I have developed a Spring MVC application with SSO built with Spring Security 3. On a page, the already logged-in user (by SSO) must ask another user to come by and enter his user name and password in a login box to permit an action. Once the 2nd user has done so, the system will check its credentials against the ldap and call a REST url to perform an action. Once the action is performed, the session of this user will be invalidated and a success response will be sent back to the user. Meanwhile, the main user session (initially authenticated by SSO) MUST NOT be invalidated.

How could this be done with Spring Security? I've been searching through the doc but I can't seem to find an example showing two authentication sessions 'live' at the same time.

Any advice for this very special need would be more than welcome,
Jim

[James Equalizer]

Btw, another way to go would be not using Spring Security to do this. Just use a custom private-key encryption for the password and then perform the ldap authentication in a spring mvc controller. This is not ideal but I can't seem to find another straightforward solution to this by now.