Thanks for the response. Yes we are currently using the AuthenticationManager which is injected into the action that creates the account.
Originally Posted by Luke Taylor
So doing something like the following is the best practice with spring security after account creation?
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(user, pw);
Authentication authentication = authenticationManager.authenticate(token);