Mark St.Godard wrote:
I did some local testing with the Contacts sample and did some simple tests of
- logging in (i.e. User 1)
- going to /secure/debug.jsp (view User 1 info)
- going to a jsp that handles the switch (i.e. switchUser.jsp)
- submit request to 'su' to another user (i.e. User 2)
- going to /secure/debug.jsp (view User 2 info)
- go to exit page (i.e. exitUser.jsp)
- display current user logged in as, submit button to exit
- going to /secure/debug.jsp (shows User 1 info)
So initial simple tests seem to work, need to polish and do a lot more testing.
I have also added applicable unit tests.
Again, feedback welcome.

Hi Mark
Thanks for taking care of this. It's a good initial implementation. A
few ideas/suggestions:
- We should publish an event when the administrator performs a "su",
such that audit logs and the like are complete.
- Make the exitUserUrl and switchUserUrl default to the normal values,
and remove the getDefaultXX() getters.
- The SWITCH_USER_GRANTED_AUTHORITY probably should be
"ROLE_PREVIOUS_ADMINISTRATOR" so it works with the default RoleVoter.
- Use Assert.isTrue(boolean) where possible, instead of the if (!request
instanceof HttpServletRequest) etc - it will reduce the unit test size.
- Let's add the "su" capability to the Contacts Filter Sample, as it is
a pretty nice feature to show is available.
Cheers
Ben
_______________________________________________
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
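
A minimal model of the switch/exit flow tested above with the review suggestions applied (an audit entry on each switch and exit, a ROLE_PREVIOUS_ADMINISTRATOR marker), added here as an illustration; it is not Acegi code or code from either poster. All class, method and role names other than ROLE_PREVIOUS_ADMINISTRATOR are hypothetical, and records require Java 16 or later.

```java
import java.util.*;

// Hypothetical model of the "su" flow; none of these types are Acegi classes.
public class SwitchUserSketch {
    static final String PREVIOUS_ADMIN = "ROLE_PREVIOUS_ADMINISTRATOR";

    // 'original' is non-null only while a switch is active.
    record Auth(String user, Set<String> roles, Auth original) {}

    // Stands in for the published event that feeds the audit log.
    static final List<String> auditLog = new ArrayList<>();

    static Auth switchUser(Auth current, String target, Set<String> targetRoles) {
        if (!current.roles().contains("ROLE_ADMINISTRATOR")) // assumed role name
            throw new SecurityException("switch denied for " + current.user());
        if (current.original() != null)
            throw new IllegalStateException("already switched; exit first");
        Set<String> roles = new TreeSet<>(targetRoles);
        roles.add(PREVIOUS_ADMIN); // marker that authorizes the exit step
        auditLog.add("SWITCH " + current.user() + " -> " + target);
        return new Auth(target, roles, current);
    }

    static Auth exitUser(Auth current) {
        if (current.original() == null || !current.roles().contains(PREVIOUS_ADMIN))
            throw new SecurityException("no switch in progress for " + current.user());
        auditLog.add("EXIT " + current.user() + " -> " + current.original().user());
        return current.original();
    }

    public static void main(String[] args) {
        // Constructed sample users mirroring "User 1" and "User 2" in the test steps.
        Auth admin = new Auth("user1", Set.of("ROLE_ADMINISTRATOR", "ROLE_USER"), null);
        Auth asUser2 = switchUser(admin, "user2", Set.of("ROLE_USER"));
        System.out.println(asUser2.user() + " " + asUser2.roles());
        // user2 holds no ROLE_ADMINISTRATOR, so a nested switch is refused.
        try {
            switchUser(asUser2, "user3", Set.of("ROLE_USER"));
        } catch (SecurityException e) {
            System.out.println("denied: " + e.getMessage());
        }
        Auth restored = exitUser(asUser2);
        System.out.println(restored.user() + " " + restored.roles());
        auditLog.forEach(System.out::println);
    }
}
```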