Dec 14th, 2012, 08:23 AM
Refresh granted authorities whilst already logged in?
Is there any way for a Spring Security authenticated user to have their granted authorities changed without them logging out and logging in again?
My use case is...
- User finds that they lack rights to perform an action
- They contact the system administrator
- The sys admin person changes that user's role association to allow them to perform the requested operation
- The user now tries to perform the same action and this time they have the required authority.
Dec 20th, 2012, 06:27 AM
it is possible to do if you use some ORM like hibernate and use it to load the instances of your user and all respective granted authorities but is not supported out of the box. you've to write code for that.