This is an issue specific to Spring Security. You may wish to ask on their forums.
-Scott -Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia On Sun, Nov 16, 2008 at 12:40 AM, Thanh Thai <[EMAIL PROTECTED]> wrote: > I am using user authorities inside of Spring Security to manage access to > different resources in my application. I constantly make changes to these > authorities and I wanted the new user details to be populated on every > request. The only way I can get this to work is if I have CAS send out a > new service ticket on every request. I haven't been able to get CAS to do > this so I can't make CasAuthenticationProvider repopulate the > GrantedAuthorities of my Authority object inside of the SecurityContext. > > The work around I had was to set > SecurityContextHolder.getContext().setAuthentication(null); at the end of > every request to make CAS send out the service ticket back to the Spring > filter. This solution doesn't work on a multi app server system though, > since the authentication might still be out of date on the other app > servers. > > Is there an easy way to make the user details load on every request? > > Let me know if there was something unclear. > > Thank you, > Thanh > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > > _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
