How to reload Spring Security Principal after updating in Hibernate?

Question

This must be a common issue... and I feel that after googling, and SOing I must have just not looked around thoroughly for the answer enough or that no1 has asked it... so please forgive me.

I am using Spring Security with Hibernate etc.

So a User/principal has logged in and made some changes to their profile.

I use my DAO to update the profile (UserDetails), and I want my Principal to automatically reflect this update.

However when I get the Principal again, I get the dirty version (from my initial login).

Does anyone know of how I can get Spring Security to reload from Hibernate the updated UserDetails?

question from:https://stackoverflow.com/questions/7889660/how-to-reload-spring-security-principal-after-updating-in-hibernate

Answer 1

OK dug around and finally found the answer.

We can create a UsernamePasswordAuthenticationToken and assign the updated Principal to the context.

Authentication authentication = new UsernamePasswordAuthenticationToken(userObject, userObject.getPassword(), userObject.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(authentication);

See also "How to manually set an authenticated user in Spring Security / SpringMVC".