Recently on one of our projects we had the need to allow the ROLE_ADMIN to login as another user without knowing or changing the password of that user. For example ‘Jack’ has the ROLE_ADMIN and ‘Suzy’ has the ROLE_USER. Now ‘Jack’ wants to login as suzy without knowing her password and carry out some tasks on her behalf acting as her when ‘Suzy’ is unavailable and some work needs to be done, of course you should provide a mechanism to audit and log whenever ‘Jack’ wants to play a different role.This is fairly easy to implement using Acegi
The SwitchUserProcessingFilter in Acegi helps to achieve this functionality. The below steps will show how to configure and use it
Read the rest of this entry »
