OK dug around and finally found the answer.
We can create a UsernamePasswordAuthenticationToken and assign the updated Principal to the context.
Authentication authentication = new UsernamePasswordAuthenticationToken(userObject, userObject.getPassword(), userObject.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(authentication);
See also “How to manually set an authenticated user in Spring Security / SpringMVC”.