Spring Security customization (Part 2 - Adjusting secured session in real time)
Imagine you are in the secured session (you are logged on and are authorized to access a particular resource), but your security infrastructure team has updated your rights and privileges. Perhaps you were given more rights and privileges or perhaps your rights were completely revoked. . . The problem is that your secured session is registered in session registry and until you log-off/log-on the Principal which represents you in this secured session will not be recreated. And what if the situation is even more dramatic (after all we are talking security here). . . You are a disgruntled employe…