Luke Taylor 2007-11-28 18:00:43 +00:00
parent 292320bd33
commit 0e1ae11fca
1 changed files with 19 additions and 17 deletions


@ -69,27 +69,34 @@ import javax.servlet.http.HttpServletResponse;
/** /**
* Switch User processing filter responsible for user context switching.<p>This filter is similar to Unix 'su' * Switch User processing filter responsible for user context switching.
* however for Spring Security-managed web applications. A common use-case for this feature is the ability to allow * <p>
* higher-authority users (i.e. ROLE_ADMIN) to switch to a regular user (i.e. ROLE_USER).</p> * This filter is similar to Unix 'su' however for Spring Security-managed web applications.
* <p>This filter assumes that the user performing the switch will be required to be logged in as normal (i.e. * A common use-case for this feature is the ability to allow higher-authority users (i.e. ROLE_ADMIN) to switch to a
* regular user (i.e. ROLE_USER).
* <p>
* This filter assumes that the user performing the switch will be required to be logged in as normal (i.e.
* ROLE_ADMIN user). The user will then access a page/controller that enables the administrator to specify who they * ROLE_ADMIN user). The user will then access a page/controller that enables the administrator to specify who they
* wish to become (see <code>switchUserUrl</code>). <br> * wish to become (see <code>switchUserUrl</code>). <br>
* <b>Note: This URL will be required to have to appropriate security contraints configured so that only users of that * <b>Note: This URL will be required to have to appropriate security contraints configured so that only users of that
* role can access (i.e. ROLE_ADMIN).</b></p> * role can access (i.e. ROLE_ADMIN).</b>
* <p>On successful switch, the user's <code>SecurityContextHolder</code> will be updated to reflect the * <p>
* specified user and will also contain an additinal {@link org.springframework.security.ui.switchuser.SwitchUserGrantedAuthority * On successful switch, the user's <code>SecurityContextHolder</code> will be updated to reflect the
* } which contains the original user.</p> * specified user and will also contain an additinal
* <p>To 'exit' from a user context, the user will then need to access a URL (see <code>exitUserUrl</code>) that * {@link org.springframework.security.ui.switchuser.SwitchUserGrantedAuthority} which contains the original user.
* will switch back to the original user as identified by the <code>SWITCH_USER_GRANTED_AUTHORITY</code>.</p> * <p>
* <p>To configure the Switch User Processing Filter, create a bean definition for the Switch User processing * To 'exit' from a user context, the user will then need to access a URL (see <code>exitUserUrl</code>) that
* will switch back to the original user as identified by the <code>SWITCH_USER_GRANTED_AUTHORITY</code>.
* <p>
* To configure the Switch User Processing Filter, create a bean definition for the Switch User processing
* filter and add to the filterChainProxy. <br> * filter and add to the filterChainProxy. <br>
* Example:<pre> * Example:<pre>
* &lt;bean id="switchUserProcessingFilter" class="org.springframework.security.ui.switchuser.SwitchUserProcessingFilter"> * &lt;bean id="switchUserProcessingFilter" class="org.springframework.security.ui.switchuser.SwitchUserProcessingFilter">
* &lt;property name="authenticationDao" ref="jdbcDaoImpl" /> * &lt;property name="authenticationDao" ref="jdbcDaoImpl" />
* &lt;property name="switchUserUrl">&lt;value>/j_spring_security_switch_user&lt;/value>&lt;/property> * &lt;property name="switchUserUrl">&lt;value>/j_spring_security_switch_user&lt;/value>&lt;/property>
* &lt;property name="exitUserUrl">&lt;value>/j_spring_security_exit_user&lt;/value>&lt;/property> * &lt;property name="exitUserUrl">&lt;value>/j_spring_security_exit_user&lt;/value>&lt;/property>
* &lt;property name="targetUrl">&lt;value>/index.jsp&lt;/value>&lt;/property>&lt;/bean></pre></p> * &lt;property name="targetUrl">&lt;value>/index.jsp&lt;/value>&lt;/property>&lt;/bean>
* </pre>
* *
* @author Mark St.Godard * @author Mark St.Godard
* @version $Id$ * @version $Id$
@ -102,8 +109,6 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App
private static final Log logger = LogFactory.getLog(SwitchUserProcessingFilter.class); private static final Log logger = LogFactory.getLog(SwitchUserProcessingFilter.class);
// ~ Static fields/initializers
// =============================================
public static final String SPRING_SECURITY_SWITCH_USERNAME_KEY = "j_username"; public static final String SPRING_SECURITY_SWITCH_USERNAME_KEY = "j_username";
public static final String ROLE_PREVIOUS_ADMINISTRATOR = "ROLE_PREVIOUS_ADMINISTRATOR"; public static final String ROLE_PREVIOUS_ADMINISTRATOR = "ROLE_PREVIOUS_ADMINISTRATOR";
@ -116,9 +121,6 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App
private String switchUserUrl = "/j_spring_security_switch_user"; private String switchUserUrl = "/j_spring_security_switch_user";
private String targetUrl; private String targetUrl;
private SwitchUserAuthorityChanger switchUserAuthorityChanger; private SwitchUserAuthorityChanger switchUserAuthorityChanger;
// ~ Instance fields
// ========================================================
private UserDetailsService userDetailsService; private UserDetailsService userDetailsService;
//~ Methods ======================================================================================================== //~ Methods ========================================================================================================
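Review bot: The reflowed class Javadoc still carries wording that is inaccurate for an impersonation filter, and this commit already rewrites those lines, so it is the natural place to correct them. The bean example sets `authenticationDao`, while the only collaborator field visible in the last hunk is `userDetailsService`; if the setter follows the field name (it is outside the visible hunks), the example line should read `* &lt;property name="userDetailsService" ref="jdbcDaoImpl" />`. The exit paragraph refers to `SWITCH_USER_GRANTED_AUTHORITY`, but the constant shown in the second hunk is `ROLE_PREVIOUS_ADMINISTRATOR`, so a reader cannot tell which authority marks a switched session. The bold access-control note is the one sentence an integrator must not misread; I would rewrite it as `<b>Note: This URL must have appropriate security constraints configured so that only users of that role can access it (i.e. ROLE_ADMIN).</b>` and fix "additinal" to "additional".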