Dec 3rd, 2012, 04:18 PM
Updating Session's Authentication object ala Refresh
This must be a common problem but I didn't find a solid example in the forum. I will contrive the example to simplify the use case.
On our client, we allow the user to opt-in to a role. We then make a call to the server to add the role to the user's record. How would I go about "refreshing" the user's credentials in the SecurityContextHolder without requiring the user to sign out and then back in?
Dec 5th, 2012, 09:34 AM
You can simply set the SecurityContextHolder with the updated Authentication. You can refer to the reference for an example http://static.springsource.org/sprin...e.html#d0e2101 You might also find Getting Started With Spring Security 3.1 presentation useful (it demos how to automatically sign in a user after sign up which is similar to your scenario).