On second thought, maybe 'assumeIdentity' is just that - the Principal is assumed and everything else about 'bob's Subject state (session, authentication, etc) is retained.
The 'stack like' functionality might be cause for a separate feature in the future, say 'switchUser' to mimic a full stack-like behavior like what I outlined originally, if users actually desire such a feature. Feedback is still welcome ;) On Thu, Jan 29, 2009 at 11:48 PM, Les Hazlewood <[email protected]>wrote: > I tried to see if I could start implementing this feature today, and I > reviewed this post again. Any feedback as to if we should store the assumed > identity in the session and be done with it? Or should it be stack-like as > described in my original post? > > For some reason I feel we should be able to support stack-like behavior. > But here's the real question: When assuming another user's identity, what > about the other methods not entirely based on a principal? > > For example, let's say I did this, as user 'bob': > > Subject subject = SecurityUtils.getSubject(); > //subject currently represents the 'original/owning' user, 'bob'. > > //assume joe's identity: > subject.assumeIdentity("joe"); > > Now that we've done that, what happens should any of the following methods > be called? We've only really talked about what happens when getPrincipal() > is called, not these: > > subject.isAuthenticated() > subject.getPrincipals() > subject.getSession() / subject.getSession(false); > subject.login(...) > subject.logout(); > > Do these methods function based on bob's authentication status and session > Or joe's? What if login and/or login is called? What should be the > expected behavior? > > Then the issue of the session - if a new session is created while assuming > joe's identity, any session operations in 'joes' session should also update > the timestamp of the original 'bob' session to ensure it doesn't time out so > it is still available after relinquishing the 'joe' identity. > > These are some of the things to consider when choosing a 'correct' > approach. > > Any feedback? Ideas? > > Thanks, > > Les > > > On Wed, Jan 14, 2009 at 9:51 AM, Les Hazlewood <[email protected]>wrote: > >> I'm kicking off this thread for continued discussion on how to implement >> the AssumedIdentity/RunAs feature. >> >> For now I'm assuming we'll put the method to assume another user's >> identity directly in the existing Subject interface - no sub-interface. >> >> Also something I was thinking about this morning was a stack might be >> needed to 'remember' the assumed identities if there are multiple calls: >> >> Subject subject = securityManager.getSubject(); >> subject.assumeIdentity( foo ); >> ... some code >> subject.assumeIdentity( bar ); >> >> This would allow functionality like 'su' in unix, where you could assume a >> user's identity any number of times: >> >> > # login as originalUser here >> >> > su someUser >> > ... >> > su anotherUser >> .. >> > exit >> (drops you back to 'someUser' here) >> > ... >> > exit >> (drops you back to 'originalUser' here) >> >> This means the SecurityManager or the DelegatingSubject (or both) needs to >> be aware of this stack. I haven't quite figured out how this would work >> yet, or how it would work in a RememberMe context, but I wanted to jot down >> my ideas here for record and to allow any feedback. >> >> - Les >> > >
