updated config, added switchUserProcessingFilter to the filter chain, added the ROLE_SUPERVISOR the ability to switch to other users (i.e. ROLE_USER)
For example: 'marissa' can login, goto the /switchUser.jsp, then assume the role of another user such as 'scott'. marissa will then see scotts contacts, etc. Then marissa can goto the /exitUser.jsp, and go back to 'marissa' This is the similar to the Unix 'su' analogy that Ben made
This commit is contained in:
Mark St. Godard
parent
fce510fa9f
commit
3f24824f66
|
|
@ -21,7 +21,7 @@
|
||||||
<value>
|
<value>
|
||||||
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
|
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
|
||||||
PATTERN_TYPE_APACHE_ANT
|
PATTERN_TYPE_APACHE_ANT
|
||||||
/**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,basicProcessingFilter,rememberMeProcessingFilter,anonymousProcessingFilter,securityEnforcementFilter
|
/**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,basicProcessingFilter,rememberMeProcessingFilter,anonymousProcessingFilter,securityEnforcementFilter,switchUserProcessingFilter
|
||||||
</value>
|
</value>
|
||||||
</property>
|
</property>
|
||||||
</bean>
|
</bean>
|
||||||
|
|
@ -174,6 +174,8 @@
|
||||||
/index.jsp=ROLE_ANONYMOUS,ROLE_USER
|
/index.jsp=ROLE_ANONYMOUS,ROLE_USER
|
||||||
/hello.htm=ROLE_ANONYMOUS,ROLE_USER
|
/hello.htm=ROLE_ANONYMOUS,ROLE_USER
|
||||||
/logoff.jsp=ROLE_ANONYMOUS,ROLE_USER
|
/logoff.jsp=ROLE_ANONYMOUS,ROLE_USER
|
||||||
|
/switchuser.jsp=ROLE_SUPERVISOR
|
||||||
|
/j_acegi_switch_user=ROLE_SUPERVISOR
|
||||||
/acegilogin.jsp*=ROLE_ANONYMOUS,ROLE_USER
|
/acegilogin.jsp*=ROLE_ANONYMOUS,ROLE_USER
|
||||||
/**=ROLE_USER
|
/**=ROLE_USER
|
||||||
</value>
|
</value>
|
||||||
|
|
@ -182,11 +184,12 @@
|
||||||
|
|
||||||
<!-- Filter used to switch the user context. Note: the switch and exit url must be secured
|
<!-- Filter used to switch the user context. Note: the switch and exit url must be secured
|
||||||
based on the role granted the ability to 'switch' to another user -->
|
based on the role granted the ability to 'switch' to another user -->
|
||||||
|
<!-- In this example 'marissa' has ROLE_SUPERVISOR that can switch to regular ROLE_USER(s) -->
|
||||||
<bean id="switchUserProcessingFilter" class="net.sf.acegisecurity.ui.switchuser.SwitchUserProcessingFilter">
|
<bean id="switchUserProcessingFilter" class="net.sf.acegisecurity.ui.switchuser.SwitchUserProcessingFilter">
|
||||||
<property name="authenticationDao" ref="jdbcDaoImpl" />
|
<property name="authenticationDao" ref="jdbcDaoImpl" />
|
||||||
<property name="switchUserUrl"><value>/j_acegi_switch_user</value></property>
|
<property name="switchUserUrl"><value>/j_acegi_switch_user</value></property>
|
||||||
<property name="exitUserUrl"><value>/j_acegi_exit_user</value></property>
|
<property name="exitUserUrl"><value>/j_acegi_exit_user</value></property>
|
||||||
<property name="targetUrl"><value>/secure/index.htm</value></property>
|
<property name="targetUrl"><value>/acegi-security-sample-contacts-filter/secure/index.htm</value></property>
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
</beans>
|
</beans>
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue