Ben, Sure thing, thanks for the feedback, will do. Cheers, Mark
On 8/21/05, Ben Alex <[EMAIL PROTECTED]> wrote: > Mark St.Godard wrote: > > >I did some local testing with the Contacts sample and did some simple tests > >of > >- logging in (i.e. User 1) > >- going to /secure/debug.jsp (view User 1 info) > >- going to a jsp that handles the switch (i.e. switchUser.jsp) > >- submit request to 'su' to another user (i.e. User 2) > >- going to /secure/debug.jsp (view User 2 info) > >- go to exit page (i.e. exitUser.jsp) > >- display current user logged in as, submit button to exit > >- going to /secure/debug.jsp (shows User 1 info) > > > >So initial simple tests seem to work, need to polish and do alot more > >testing. > > > >I have also added applicable unit tests. > > > >Again, feedback welcome. > > > > > > > Hi Mark > > Thanks for taking care of this. It's a good initial implementation. A > few ideas/suggestions: > > - We should publish an event when the administrator performs a "su", > such that audit logs and the like are complete. > - Make the exitUserUrl and switchUserUrl default to the normal values, > and remove the getDefaultXX() getters. > - The SWITCH_USER_GRANTED_AUTHORITY probably should be > "ROLE_PREVIOUS_ADMINISTRATOR" so it works with the default RoleVoter. > - Use Assert.isTrue(boolean) where possible, instead of the if (!request > instanceof HttpServletRequest) etc - it will reduce the unit test size. > - Let's add the "su" capability to the Contacts Filter Sample, as it is > a pretty nice feature to show is available. > > Cheers > Ben > > > ------------------------------------------------------- > SF.Net email is Sponsored by the Better Software Conference & EXPO > September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices > Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA > Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf > _______________________________________________ > Home: http://acegisecurity.sourceforge.net > Acegisecurity-developer mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer > ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ Home: http://acegisecurity.sourceforge.net Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
