如果您需要动态更新登录的用户权限(当这些权限发生变化时,无论什么原因),无需登出并登录,您只需要重置Spring SecurityContextHolder中的Authentication对象(安全令牌)即可.
例:
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
List updatedAuthorities = new ArrayList<>(auth.getAuthorities());
updatedAuthorities.add(...); //add your role here [e.g., new SimpleGrantedAuthority("ROLE_NEW_ROLE")]
Authentication newAuth = new UsernamePasswordAuthenticationToken(auth.getPrincipal(), auth.getCredentials(), updatedAuthorities);
SecurityContextHolder.getContext().setAuthentication(newAuth);