My application calls a web service during the Authentication process (as shown in code below). How can I save some information in HttpSession during this process? This information like customer-account-number will be used in various other places in the application after the user is logged in. Is it possible to pass HttpSession parameter to the MyServiceManager's static login method? public class MyAuthenticationManager implements AuthenticationProvider { @Override public boolean supports(Class<? extends Object> authentication) { return authentication.equals(UsernamePasswordAuthenticationToken.class); } @Override public Authentication authenticate(Authentication authentication) { //MyServiceManager.login - makes a call to web service if(MyServiceManager.login(authentication.getName(), authentication.getCredentials().toString(), XXX_HTTP_SESSION_XXX)) { List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority> (); authorities.add(new GrantedAuthorityImpl("ROLE_USER")); authorities.add(new GrantedAuthorityImpl("ROLE_SUPERVISOR")); return new UsernamePasswordAuthenticationToken(authentication.getName(), authentication.getCredentials(),authorities); } else { return null; } } }