Matt,
Nearly there now I think. I am pretty sure the problem is in the pattern
matching. It does not match when I do the following:-
<form method="post" id="loginForm" action="<c:url
value="/j_acegi_switch_user"/>">
<input type="hidden" name="j_username" value="normaluser"/>
<input type="submit" class="button" name="login" value="switch" />
</form>
Yet, if I ask it to do a j_security_check it goes to the login page.
Looking at the source code for the class if I got any further I would get
some debug. I am going to update my version currently 1.0.2 to 1.0.3 but I
do not hold out much hope!
My filter chain looks correct,
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,switchUserProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
</value>
but no match is being made.
I will keep on digging, but if anything 'springs' to mind please feel free.
Thanks
Nigel
mraible wrote:
>
> I have a requirement to add this functionality in one of my projects.
> I don't know when I'll get around to trying to implement it, but
> hopefully in the next week or so.
>
> Matt
>
> On 4/18/07, Nigel in NZ <[EMAIL PROTECTED]> wrote:
>>
>> Matt,
>>
>> Thanks for that. I spent some time this evening looking at it but it is
>> now
>> 12:15am so must stop!
>>
>> I added my switchUserProcessingFilter to my filterChainProxy, I created,
>>
>> <bean id="switchUserProcessingFilter"
>> class="org.acegisecurity.ui.switchuser.SwitchUserProcessingFilter">
>> <property name="userDetailsService" ref="userDao" />
>> <property
>> name="switchUserUrl"><value>/j_acegi_switch_user</value></property>
>> <property
>> name="exitUserUrl"><value>/j_acegi_exit_user</value></property>
>> <property name="targetUrl"><value>/main.jsp</value></property>
>> </bean>
>>
>> I then tried calling it based on the assumption that all I should need to
>> do
>> is set the j_username to the value I want and call /j_acegi_switch_user .
>> So I set up a call to an admin only page of that name i.e.
>>
>> * @struts.action-forward name="mimic" path="/j_acegi_switch_user"
>>
>> but with no luck. Have you seen any code that actually does this stuff?
>> Could you post it here for me possibly, I could not find any examples in
>> books or online.
>>
>> Do I need to actually use the service the one test class I did find
>> seemed
>> to say no, just set the parameter. One possible clue would be that I am
>> setting this as an attribute not a parameter, but I am too tired to think
>> now 12:31am!
>>
>> off to bed
>>
>> Thanks in advance
>>
>> Nigel
>>
>> mraible wrote:
>> >
>> > You might try using Acegi's Switch User feature:
>> >
>> >
>> http://www.acegisecurity.org/multiproject/acegi-security/apidocs/org/acegisecurity/ui/switchuser/SwitchUserProcessingFilter.html
>> >
>> > http://tinyurl.com/23vgf9
>> >
>> > Matt
>> >
>> > On 4/17/07, Nigel in NZ <[EMAIL PROTECTED]> wrote:
>> >>
>> >> Hi,
>> >>
>> >> I have a scenario where my admin user wants to pretend to be another
>> >> user,
>> >> so I added the following code ripped from the SignupAction class,
>> >>
>> >> public ActionForward mimicUser(ActionMapping mapping, ActionForm
>> >> form,
>> >> HttpServletRequest request,
>> >> HttpServletResponse response)
>> >> throws Exception {
>> >> if (log.isDebugEnabled()) {
>> >> log.debug("Entering 'mimic user' method");
>> >> }
>> >> UserManager mgr = (UserManager) getBean("userManager");
>> >>
>> >> UserForm userForm = (UserForm)form;
>> >> // log user in automatically
>> >> Authentication auth = new
>> >> UsernamePasswordAuthenticationToken(userForm.getUsername(),
>> >> userForm.getConfirmPassword());
>> >> try {
>> >> ProviderManager authenticationManager = (ProviderManager)
>> >> getBean("authenticationManager");
>> >>
>> >>
>> SecurityContextHolder.getContext().setAuthentication(authenticationManager.doAuthentication(auth));
>> >> } catch (NoSuchBeanDefinitionException n) {
>> >> // ignore, should only happen when testing
>> >> }
>> >> return new ActionForward("main");
>> >> }
>> >>
>> >> But sadly I get a bad credencials.
>> >>
>> >> [java] [plantman] DEBUG [http-8080-Processor23]
>> >> UserAction.mimicUser(351) | Entering 'mimic
>> >> [java] [plantman] WARN [http-8080-Processor23]
>> >> LoggerListener.onApplicationEvent(55) | Authe
>> >> icationFailureBadCredentialsEvent: bondn; details: null; exception:
>> Bad
>> >> credentials
>> >> [java] [plantman] INFO
>> >> [ContainerBackgroundProcessor[StandardEngine[Catalina]]] SimpleClicks
>> >> lickstream for: 0:0:0:0:0:0:0:1
>> >>
>> >> I am pretty sure this must be because I am still logged in as 'admin'
>> >> but I
>> >> am not sure what to do to either log off and then log back on as this
>> >> user
>> >> or allow the action. I would like a code solution not a DB or
>> >> interactive
>> >> solution but cannot work it out. Clearly, I do not want my admin to
>> have
>> >> to
>> >> re-login using the clients credentials interactively!
>> >>
>> >> So, to be clear, how do I as admin viewing a users details change to
>> be
>> >> them
>> >> so I can update their order for example. or is this just soooo bad
>> that I
>> >> cannot do it. It does seem a valid use case that admin would be on
>> the
>> >> phone to a client and they say 'oh I forgot x can you add it please'.
>> >>
>> >> Any help would be appreciated.
>> >>
>> >> Thanks
>> >>
>> >> Nigel
>> >> --
>> >> View this message in context:
>> >>
>> http://www.nabble.com/Pretending-to-be-another-user-tf3590245s2369.html#a10033672
>> >> Sent from the AppFuse - User mailing list archive at Nabble.com.
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> >> For additional commands, e-mail: [EMAIL PROTECTED]
>> >>
>> >>
>> >
>> >
>> > --
>> > http://raibledesigns.com
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: [EMAIL PROTECTED]
>> > For additional commands, e-mail: [EMAIL PROTECTED]
>> >
>> >
>> >
>>
>> --
>> View this message in context:
>> http://www.nabble.com/Pretending-to-be-another-user-tf3590245s2369.html#a10057748
>> Sent from the AppFuse - User mailing list archive at Nabble.com.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>>
>>
>
>
> --
> http://raibledesigns.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
--
View this message in context:
http://www.nabble.com/Pretending-to-be-another-user-tf3590245s2369.html#a10069970
Sent from the AppFuse - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
