如何在Hibernate中更新后重新加载Spring Security Principal? [英] How to reload Spring Security Principal after updating in Hibernate?
问题描述
我使用Spring Security和Hibernate等。
因此,用户/委托人已经登录并对其进行了一些更改。
我使用我的DAO更新配置文件(UserDetails),并且我希望我的Principal能够自动反映此更新。
然而,当我再次获得委托人时,我得到了脏版本(从我的初始登录名)。
有人知道我如何获得Spring Security从Hibernate重新加载更新后的UserDetails?
OK挖到最后找到答案。
我们可以创建一个UsernamePasswordAuthenticationToken并将更新的Principal分配给上下文。
认证认证=新用户名密码AuthenticationToken(userObject,userObject.getPassword(),userObject.getAuthorities());
SecurityContextHolder.getContext()。setAuthentication(authentication);
另请参阅如何在Spring Security / SpringMVC中手动设置经过身份验证的用户。
This must be a common issue... and I feel that after googling, and SOing I must have just not looked around thoroughly for the answer enough or that no1 has asked it... so please forgive me.
I am using Spring Security with Hibernate etc.
So a User/principal has logged in and made some changes to their profile.
I use my DAO to update the profile (UserDetails), and I want my Principal to automatically reflect this update.
However when I get the Principal again, I get the dirty version (from my initial login).
Does anyone know of how I can get Spring Security to reload from Hibernate the updated UserDetails?
OK dug around and finally found the answer.
We can create a UsernamePasswordAuthenticationToken and assign the updated Principal to the context.
Authentication authentication = new UsernamePasswordAuthenticationToken(userObject, userObject.getPassword(), userObject.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(authentication);
See also "How to manually set an authenticated user in Spring Security / SpringMVC".
这篇关于如何在Hibernate中更新后重新加载Spring Security Principal?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!