We spent a week messing with this a few months ago. I think the intention is that the Authentication object remain immutable. Authentication is, as I remember, an interface and details on the implemeting classes is sketchy at best. This leads me to believe that this was meant to be part of the way Acegi allows different ways of authenticating users to be used--LDAP, database, properties files, Siteminder, etc.
We hunted around in the Acegi source and found some code that created an Authentcation instance. Reused (by copy and paste) that code for our purposes and put the new one in the session. thanks. -- Lee On 8/2/07, Matt Raible <[EMAIL PROTECTED]> wrote: > > Honestly, I don't know. The method you tried originally is the one I > would've suggested. You might try searching Acegi's forums: > > http://forum.springframework.org/forumdisplay.php?f=33 > > Matt > > On 8/2/07, sionsmith <[EMAIL PROTECTED]> wrote: > > > > No i do not have that configure (well there are no entries in the > > security.xml) I just want to be able to updates some properties in the > > principle - is there anyway i can do this? > > > > Many Thanks > > Sion > > > > > > mraible wrote: > > > > > > Do you have a userCache configured in security.xml? If so, you might > > > try removing it. > > > > > > Matt > > > > > > On 7/31/07, sionsmith <[EMAIL PROTECTED]> wrote: > > >> > > >> Hi Appfuse Users, > > >> > > >> i'm using the acegi security framework to manage the user sessions > within > > >> my > > >> project, the authentication & user details are returned from a web > > >> service - > > >> not the standard DAO's, however it acts the same. > > >> > > >> The problem i have is the user in the SecurityContextHolder context > is > > >> not > > >> upto date with the 1 in the web service. How can i force this to > update > > >> without logging the user out & back in again? > > >> > > >> I cant seem to find a way of updating the Principal in the session > > >> without > > >> the need of creating a new Authentication object? Surely i can update > the > > >> original which is in the session? > > >> > > >> I've also tried to update this using: > > >> Authentication auth = > > >> SecurityContextHolder.getContext().getAuthentication(); > > >> auth = new UsernamePasswordAuthenticationToken(updatedUser, > > >> updatedUser.getPassword()); > > >> > > >> but that too runs through the login process. i.e. authenticate. > > >> > > >> Any suggestions would be greatful > > >> > > >> Many thank > > >> Sion > > >> > > >> > > >> -- > > >> View this message in context: > > >> > http://www.nabble.com/Refershing-User-in-the-SecurityContextHolder-tf4192324s2369.html#a11922038 > > >> Sent from the AppFuse - User mailing list archive at Nabble.com. > > >> > > >> --------------------------------------------------------------------- > > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > > >> For additional commands, e-mail: [EMAIL PROTECTED] > > >> > > >> > > > > > > > > > -- > > > http://raibledesigns.com > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > -- > > View this message in context: > http://www.nabble.com/Refershing-User-in-the-SecurityContextHolder-tf4192324s2369.html#a11961685 > > > > Sent from the AppFuse - User mailing list archive at Nabble.com. > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > -- > http://raibledesigns.com > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- -- Lee Meador Sent from gmail. My real email address is lee AT leemeador.com
