SEC-1251: CLONE -Create JSP tag for retrieving authorization objects in switch user chain #1501

Closed
spring-issuemaster opened this Issue Sep 29, 2009 · 2 comments

1 participant

@spring-issuemaster

Jared Stehler (Migrated from SEC-1251) said:

It would be great to have a taglib that exposes the administrator authorization object when the switch user functionality is in use. We use this to determine who the logged in person is when they are 'simulating' someone else. The difficulty from an EL perspective is that the grantedauthorities must be enumerated while looking for the SwitchUserGrantedAuthorityImpl object (which contains the source Authorization).

A foreach statement in EL can get this done but it is ugly.

@spring-issuemaster

Jared Stehler said:

Resurrecting this issue as I didn't see a patch ever get submitted, so I thought I'd lob one of my own in. Simple tag which evaluates its contents (and provides the admin user principal) when it determines that we are running-as another user.

@spring-issuemaster

Luke Taylor said:

Thanks for the contribution. However, I don't think this is a sufficiently common requirement that we should add it to the codebase. The switch-user functionality is also something that should probably be looked at to see how it could be improved, so I'm reluctant to add extra code based on it at this stage.

@spring-issuemaster spring-issuemaster added this to the 3.1.0.RC1 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment