Get authentication object using session id in spring security
Using the SessionRegistry object, I got the SessionInformation for all active user sessions.
Now I want to check the credentials of these sessions. For this I need an authentication object.
Is there a way to do this in spring securtity
My code:
List<SessionInformation> sessionInformationList = sessionRegistry.getAllSessions( user, false);
SessionInformation sessionInformation = sessionRegistry.getSessionInformation(lastSessionId);
//Now I need Authentication Object, any idea
I do it this way to fetch user roles for different session IDs
source to share
In our Stormpath Spring Security Integration, we have coded what you need during your authentication workflow. After correct authentication, users are Granted Authorites
generated and applied to the object Authentication
that is retrieved.
We encapsulate this information into an object named StormpathUserDetails
. You can take a look at this piece of code .
Then your code can get this information like this: Collection<? extends GrantedAuthority> grantedAuthorities = ((StormpathUserDetails)SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getAuthorities();
Hope this helps as an example of what you could do.
source to share