Reload UserDetails Object from Database Every Request in Spring Security

Question

I have been looking for a way to reload our Spring Security UserDetails object every request and cannot find an example anywhere.

Does anyone know how to do such a t

Answer 1

Hello so wanted to share something related to this issue with Token based authentication, in my case Oauth2. At first I tried the approach of hooknc above, in my case I was using Token based Authentication, so my Authentication object was instanceOf Oauth2Authentication. Unlike standard Authentication Principal, Oauth2Authentication object is constructed of the Authorization Request and Authentication object. Additionally the principal is constructed by using the token itself. So when trying to reuse the token in another call it would end up with old user data in principal. So this approach does not work for token based authentication.

My Original problem to be clear was after the user would update user settings, if the user would make other API calls after, it would result in the old user info. Instead of trying to update the principal I found issuing a new token after update was a better approach.

I also should add that my Authentication Oauth2 scheme is totally stateless, everything is stored in DB.