Matt,
Thanks for that. I spent some time this evening looking at it but it is now
12:15am so must stop!
I added my switchUserProcessingFilter to my filterChainProxy, I created,
<bean id="switchUserProcessingFilter"
class="org.acegisecurity.ui.switchuser.SwitchUserProcessingFilter">
<property name="userDetailsService" ref="userDao" />
<property
name="switchUserUrl"><value>/j_acegi_switch_user</value></property>
<property
name="exitUserUrl"><value>/j_acegi_exit_user</value></property>
<property name="targetUrl"><value>/main.jsp</value></property>
</bean>
I then tried calling it based on the assumption that all I should need to do
is set the j_username to the value I want and call /j_acegi_switch_user .
So I set up a call to an admin only page of that name i.e.
* @struts.action-forward name="mimic" path="/j_acegi_switch_user"
but with no luck. Have you seen any code that actually does this stuff?
Could you post it here for me possibly, I could not find any examples in
books or online.
Do I need to actually use the service the one test class I did find seemed
to say no, just set the parameter. One possible clue would be that I am
setting this as an attribute not a parameter, but I am too tired to think
now 12:31am!
off to bed
Thanks in advance
Nigel
mraible wrote:
>
> You might try using Acegi's Switch User feature:
>
> http://www.acegisecurity.org/multiproject/acegi-security/apidocs/org/acegisecurity/ui/switchuser/SwitchUserProcessingFilter.html
>
> http://tinyurl.com/23vgf9
>
> Matt
>
> On 4/17/07, Nigel in NZ <[EMAIL PROTECTED]> wrote:
>>
>> Hi,
>>
>> I have a scenario where my admin user wants to pretend to be another
>> user,
>> so I added the following code ripped from the SignupAction class,
>>
>> public ActionForward mimicUser(ActionMapping mapping, ActionForm
>> form,
>> HttpServletRequest request,
>> HttpServletResponse response)
>> throws Exception {
>> if (log.isDebugEnabled()) {
>> log.debug("Entering 'mimic user' method");
>> }
>> UserManager mgr = (UserManager) getBean("userManager");
>>
>> UserForm userForm = (UserForm)form;
>> // log user in automatically
>> Authentication auth = new
>> UsernamePasswordAuthenticationToken(userForm.getUsername(),
>> userForm.getConfirmPassword());
>> try {
>> ProviderManager authenticationManager = (ProviderManager)
>> getBean("authenticationManager");
>>
>> SecurityContextHolder.getContext().setAuthentication(authenticationManager.doAuthentication(auth));
>> } catch (NoSuchBeanDefinitionException n) {
>> // ignore, should only happen when testing
>> }
>> return new ActionForward("main");
>> }
>>
>> But sadly I get a bad credencials.
>>
>> [java] [plantman] DEBUG [http-8080-Processor23]
>> UserAction.mimicUser(351) | Entering 'mimic
>> [java] [plantman] WARN [http-8080-Processor23]
>> LoggerListener.onApplicationEvent(55) | Authe
>> icationFailureBadCredentialsEvent: bondn; details: null; exception: Bad
>> credentials
>> [java] [plantman] INFO
>> [ContainerBackgroundProcessor[StandardEngine[Catalina]]] SimpleClicks
>> lickstream for: 0:0:0:0:0:0:0:1
>>
>> I am pretty sure this must be because I am still logged in as 'admin'
>> but I
>> am not sure what to do to either log off and then log back on as this
>> user
>> or allow the action. I would like a code solution not a DB or
>> interactive
>> solution but cannot work it out. Clearly, I do not want my admin to have
>> to
>> re-login using the clients credentials interactively!
>>
>> So, to be clear, how do I as admin viewing a users details change to be
>> them
>> so I can update their order for example. or is this just soooo bad that I
>> cannot do it. It does seem a valid use case that admin would be on the
>> phone to a client and they say 'oh I forgot x can you add it please'.
>>
>> Any help would be appreciated.
>>
>> Thanks
>>
>> Nigel
>> --
>> View this message in context:
>> http://www.nabble.com/Pretending-to-be-another-user-tf3590245s2369.html#a10033672
>> Sent from the AppFuse - User mailing list archive at Nabble.com.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>>
>>
>
>
> --
> http://raibledesigns.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
--
View this message in context:
http://www.nabble.com/Pretending-to-be-another-user-tf3590245s2369.html#a10057748
Sent from the AppFuse - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
