Dec 27th, 2012, 01:30 PM
Altering roles using UserDetails and JdbcUserDetailsManager
JdbcUserDetailsManager has a method: JdbcUserDetailsManager.alterUser(UserDetails); this method contains code to update the existing authorities with the authorities contained in the UserDetails instance.
However, when calling JdbcUserDetailsManager.loadUserByUsername() it returns a UserDetails with an unmodifiable collection of authorities. So, by default you can't update the authorities on the UserDetails instance.
Additionally, the insert and delete authorities methods in JdbcUserDetailsManager are private.
Could this be considered an API clash?
Is there another way to alter the roles/authorities for a user that I'm not yet aware of?
Last edited by matt.friedman; Dec 28th, 2012 at 09:48 PM.
Reason: ask more clearly about api