I am trying to authenticate the user after I got credentials using oAuth (with Twitter if that makes a difference). As far as I could understand it, I can directly put the Authentication object into SecurityContextHolder. Here is how I do it:
Authentication auth = new TwitterOAuthAuthentication(member,
userDetailsService.loadUserByUsername(me开发者_运维百科mber.getUsername()).getAuthorities());
SecurityContextHolder.getContext().setAuthentication(auth);
This for some reason does absolutely nothing. What am I missing and what should I do to accomplish what need?
Try adding
auth.setAuthenticated(true);
before you set the Authentication to the context.
The following code works fine for me (inside a filter class):
final Authentication auth = new CustomAuthenticationToken(user);
auth.setAuthenticated(true);
SecurityContextHolder.getContext().setAuthentication(auth);
精彩评论