Make Programmatic login without username/password?

Greetings all i am using the following method to make programmatic login for the user, but with his username & password, and it works fine:

public static void autoLogin(User user, HttpServletRequest request,
   AuthenticationManager authenticationManager) {

  GrantedAuthority[] grantedAuthorities = new GrantedAuthority[] { new GrantedAuthorityImpl(
    user.getAuthority()) };

  UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(
    user.getUserName(), user.getPassword(),
    grantedAuthorities);

  // generate session if one doesn't exist
  request.getSession();

  token.setDetails(new WebAuthenticationDetails(request));
  Authentication authenticatedUser = authenticationManager
    .authenticate(token);

  SecurityContextHolder.getContext().setAuthentication(authenticatedUser);
  // setting role to the session
  request
    .getSession()
    .setAttribute(
      HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,
      SecurityContextHolder.getContext());

 }

and i was wondering if it's possibl开发者_高级运维e to make programmatic login but without the username or the password authentication, just makes this user authenticated.

You can create your own subclass of Authentication, implement an AuthenticationProvider that supports it and configure authentication manager to use this provider.

(Actually, you can simply put a custom Authentication that always returns true from isAuthenticated() into SecurityContext, but this approach bypasses AuthenticationManager, so, for example, AuthenticationSuccessEvent wouldn't be published).

managed to do it by removing those lines

token.setDetails(new WebAuthenticationDetails(request)); 
Authentication authenticatedUser = authenticationManager .authenticate(token);