Konstantinos Kostarellis (Migrated from SEC-1721) said:
It would be great to have an option in the style of the token "IS_AUTHENTICATED_FULLY / isFullyAuthenticated()" to let the user re-authenticate for certain very sensitive actions.
Thinking of it in a way of making the user aware that he is now doing something major, similar to sudo on linux and osx. (IS_AUTHENTICATED_EXPLICITLY / isExplicitlyAuthenticated()).
Is this something that can be implemented by a CustomVoter ?
Comment From: spring-projects-issues
Konstantinos Kostarellis said:
The Spring Security Core Plugin 1.1.2 is build on top of Spring Security 3.0.4
Comment From: rwinch
This is superseded by gh-2603