如何在Hibernate中更新后重新加载Spring Security Principal？ [英] How to reload Spring Security Principal after updating in Hibernate?

问题描述

这肯定是一个普遍的问题......我觉得在Google使用Google搜索之后，我一定不会彻底地环顾四周寻找答案，否则no1会问这个问题......所以请原谅我。

我使用Spring Security和Hibernate等。

因此，用户/委托人已经登录并对其进行了一些更改。

我使用我的DAO更新配置文件（UserDetails），并且我希望我的Principal能够自动反映此更新。

然而，当我再次获得委托人时，我得到了脏版本（从我的初始登录名）。

有人知道我如何获得Spring Security从Hibernate重新加载更新后的UserDetails？

解决方案

OK挖到最后找到答案。

我们可以创建一个UsernamePasswordAuthenticationToken并将更新的Principal分配给上下文。

 认证认证=新用户名密码AuthenticationToken（userObject，userObject.getPassword（），userObject.getAuthorities（））; 
 SecurityContextHolder.getContext（）。setAuthentication（authentication）; 
  

另请参阅如何在Spring Security / SpringMVC中手动设置经过身份验证的用户。

This must be a common issue... and I feel that after googling, and SOing I must have just not looked around thoroughly for the answer enough or that no1 has asked it... so please forgive me.

I am using Spring Security with Hibernate etc.

So a User/principal has logged in and made some changes to their profile.

I use my DAO to update the profile (UserDetails), and I want my Principal to automatically reflect this update.

However when I get the Principal again, I get the dirty version (from my initial login).

Does anyone know of how I can get Spring Security to reload from Hibernate the updated UserDetails?

解决方案

OK dug around and finally found the answer.

We can create a UsernamePasswordAuthenticationToken and assign the updated Principal to the context.

Authentication authentication = new UsernamePasswordAuthenticationToken(userObject, userObject.getPassword(), userObject.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(authentication);

See also "How to manually set an authenticated user in Spring Security / SpringMVC".

这篇关于如何在Hibernate中更新后重新加载Spring Security Principal？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！