diff --git a/core/src/main/java/org/acegisecurity/ui/switchuser/SwitchUserProcessingFilter.java b/core/src/main/java/org/acegisecurity/ui/switchuser/SwitchUserProcessingFilter.java
index 1f3ae8cd12..2ee52064a3 100644
--- a/core/src/main/java/org/acegisecurity/ui/switchuser/SwitchUserProcessingFilter.java
+++ b/core/src/main/java/org/acegisecurity/ui/switchuser/SwitchUserProcessingFilter.java
@@ -15,7 +15,35 @@ package net.sf.acegisecurity.ui.switchuser;
+import net.sf.acegisecurity.AccountExpiredException;
+import net.sf.acegisecurity.Authentication;
+import net.sf.acegisecurity.AuthenticationCredentialsNotFoundException;
+import net.sf.acegisecurity.AuthenticationException;
+import net.sf.acegisecurity.CredentialsExpiredException;
+import net.sf.acegisecurity.DisabledException;
+import net.sf.acegisecurity.GrantedAuthority;
+import net.sf.acegisecurity.UserDetails;
+import net.sf.acegisecurity.context.SecurityContextHolder;
+import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
+import net.sf.acegisecurity.providers.dao.AuthenticationDao;
+import net.sf.acegisecurity.providers.dao.User;
+import net.sf.acegisecurity.providers.dao.UsernameNotFoundException;
+import net.sf.acegisecurity.providers.dao.event.AuthenticationSwitchUserEvent;
+import net.sf.acegisecurity.ui.WebAuthenticationDetails;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import org.springframework.beans.BeansException;
+import org.springframework.beans.factory.InitializingBean;
+
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.ApplicationContextAware;
+
+import org.springframework.util.Assert;
+
 import java.io.IOException;
+
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
@@ -29,29 +57,6 @@ import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import net.sf.acegisecurity.AccountExpiredException;
-import net.sf.acegisecurity.Authentication;
-import net.sf.acegisecurity.AuthenticationCredentialsNotFoundException;
-import net.sf.acegisecurity.AuthenticationException;
-import net.sf.acegisecurity.CredentialsExpiredException;
-import net.sf.acegisecurity.DisabledException;
-import net.sf.acegisecurity.GrantedAuthority;
-import net.sf.acegisecurity.UserDetails;
-import net.sf.acegisecurity.context.SecurityContextHolder;
-import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
-import net.sf.acegisecurity.providers.dao.AuthenticationDao;
-import net.sf.acegisecurity.providers.dao.UsernameNotFoundException;
-import net.sf.acegisecurity.providers.dao.event.AuthenticationSwitchUserEvent;
-import net.sf.acegisecurity.ui.WebAuthenticationDetails;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.beans.BeansException;
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.context.ApplicationContext;
-import org.springframework.context.ApplicationContextAware;
-import org.springframework.util.Assert;
-
 /**
 * Switch User processing filter responsible for user context switching.
@@ -184,9 +189,8 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, */ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { - - Assert.isInstanceOf(HttpServletRequest.class,request); - Assert.isInstanceOf(HttpServletResponse.class,response); + Assert.isInstanceOf(HttpServletRequest.class, request); + Assert.isInstanceOf(HttpServletResponse.class, response); HttpServletRequest httpRequest = (HttpServletRequest) request; HttpServletResponse httpResponse = (HttpServletResponse) response; @@ -198,7 +202,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, // update the current context to the new target user SecurityContextHolder.getContext().setAuthentication(targetUser); - + // redirect to target url httpResponse.sendRedirect(httpResponse.encodeRedirectURL(targetUrl)); @@ -252,12 +256,20 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, throw new AuthenticationCredentialsNotFoundException( "Could not find original Authentication object!"); } - - // TODO: fix target user on exit + + // get the source user details + UserDetails originalUser = null; + Object obj = original.getPrincipal(); + + if ((obj != null) && obj instanceof User) { + originalUser = (User) obj; + } + + // publish event if (this.context != null) { - context.publishEvent(new AuthenticationSwitchUserEvent( - current, null) ); - } + context.publishEvent(new AuthenticationSwitchUserEvent(current, + originalUser)); + } return original; } @@ -326,10 +338,10 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, // publish event if (this.context != null) { context.publishEvent(new AuthenticationSwitchUserEvent( - SecurityContextHolder.getContext().getAuthentication(), - targetUser) ); - } - + SecurityContextHolder.getContext().getAuthentication(), + targetUser)); + } + return targetUserRequest; } 
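Review bot: In the `@@ -252,12 +256,20 @@` hunk the original principal is kept only when it is an instance of the concrete `User` class, so a deployment whose `AuthenticationDao` returns its own `UserDetails` implementation, or whose principal is a plain username string, publishes the exit `AuthenticationSwitchUserEvent` with a null user and an audit listener cannot tell which account the impersonation returned to. `originalUser` is already declared as `UserDetails` and handed to the event constructor as such, so the check can be widened to `if (obj instanceof UserDetails) { originalUser = (UserDetails) obj; }`; `instanceof` is false for null, which also makes the separate `obj != null` test unnecessary. A debug log line for the case where the principal is not a `UserDetails` would make a missing user in the event explainable. The enclosing method starts above this hunk, and the test file in this commit changes only whitespace and an unused import, so nothing visible here asserts the user carried by the exit event.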
diff --git a/core/src/test/java/org/acegisecurity/providers/dao/event/AuthenticationEventTests.java b/core/src/test/java/org/acegisecurity/providers/dao/event/AuthenticationEventTests.java index 0c1653ca2d..0d0ce6aa7e 100644 --- a/core/src/test/java/org/acegisecurity/providers/dao/event/AuthenticationEventTests.java +++ b/core/src/test/java/org/acegisecurity/providers/dao/event/AuthenticationEventTests.java @@ -22,7 +22,6 @@ import net.sf.acegisecurity.GrantedAuthority; import net.sf.acegisecurity.GrantedAuthorityImpl; import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken; import net.sf.acegisecurity.providers.dao.User; -import net.sf.acegisecurity.ui.switchuser.SwitchUserGrantedAuthority; /** @@ -92,13 +91,13 @@ public class AuthenticationEventTests extends TestCase { public void testSwitchUserContextEvent() { Authentication auth = getAuthentication(); User targetUser = getUser(); - + AuthenticationSwitchUserEvent event = new AuthenticationSwitchUserEvent(auth, targetUser); assertEquals(auth, event.getAuthentication()); assertEquals(targetUser, event.getUser()); - } - + } + private Authentication getAuthentication() { UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken("Principal", "Credentials");