2

Greetings all i am using spring security 3.0.2 and i want after login to get user authorities and add another role to him so he can access some page that requires the new role how to do so ?

Mahmoud Saleh
  • 32,503
  • 116
  • 326
  • 490

3 Answers3

2

i played around with the method in here:

User Granted Authorities are always : ROLE_ANONYMOUS?

and it did the trick.

Community
  • 1
  • 1
Mahmoud Saleh
  • 32,503
  • 116
  • 326
  • 490
0

You have to create your authentication provider loading the authorities data from a database. In this stackoverflow question you can see the way to do it. Whenever you need to change the user authorities you'll only have to change the data in the database.

Community
  • 1
  • 1
Javi
  • 18,567
  • 30
  • 99
  • 132
0

@Javi: I didn't know how to comment on your answer, so i had to create a new one.

The problem of your solution would be that the user has to logout and re-login to get the new role. I think what sword101 is trying to accomplish is to dynamically add a new role to a user without needing to re-login.

This is however an issue I'm looking into aswell and didn't find a suitable solution so far.

I tried to implement it with a flag within my (custom) UserDetails object. This flag is read by the voter and voted accordingly. But this didn't really work out as intended. But I'll may look into that again to see what went wrong.

Robert M.
  • 1,289
  • 1
  • 12
  • 33