How to reload Spring Security Principal after updating in Hibernate?

Question

This must be a common issue... and I feel that after googling, and SOing I must have just not looked around thoroughly for the answer enough or that no1 has asked it... so p

Answer 1

OK dug around and finally found the answer.

We can create a UsernamePasswordAuthenticationToken and assign the updated Principal to the context.

Authentication authentication = new UsernamePasswordAuthenticationToken(userObject, userObject.getPassword(), userObject.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(authentication);

See also "How to manually set an authenticated user in Spring Security / SpringMVC".

Answer 2

i had the same problem

i fixed it with getting the authentication from SecurityContextHolder cast it's principal to User then update principal.

everything is working but i don't know this is a good practice or not.