Spring Security Access角色

时间:2010-01-04 04:11:02

标签: spring-security

我有一个使用spring security在spring web flow上运行的j2ee web应用程序。如何在运行期间更改我在会话中保存的角色?

1 个答案:

答案 0 :(得分:2)

如果有可能,那就是这样的:

SecurityContext context = SecurityContextHolder.getContext();
Object principal = context.getAuthentication().getPrincipal();
Object credentials = context.getAuthentication().getCredentials();
GrantedAuthority[] authorities = new GrantedAuthority[1];

authorities[0] = new GrantedAuthorityImpl("MY_NEW_ROLE");

Authentication auth = new UsernamePasswordAuthenticationToken(
    principal, credentials, authorities);
SecurityContextHolder.getContext().setAuthentication(auth);
相关问题
最新问题