How to implement switch user in spring security rest using grails 2.4.3

Question

I need to implement switch user functionality using spring security rest plugin in Grails 2.4.3

Answer 1

Config.groovy changes.

Enable Switch User Functionality

grails.plugin.springsecurity.useSwitchUserFilter = true
grails.plugin.springsecurity.switchUser.switchFailureUrl="/admin/switchFailed"

Configure the Roles for Switch User, Here we are only allowing users with ADMIN role to switch.

grails.plugin.springsecurity.interceptUrlMap = [
    '/j_spring_security_switch_user': ['isFullyAuthenticated()', 'ROLE_ADMIN'],
    '/j_spring_security_exit_user': ['isFullyAuthenticated()', 'ROLE_ADMIN']
]

Rest Request

To Switch a User via Rest, Send a HTTP Post request to the following URL with username parameter.

/j_spring_security_switch_user?j_username={userNameToSwitch}

Update: Above solution is not working with Rest, as Rest uses Access Tokens instead of Session.

Here is how we can achieve it.

1. Add a new property "originalUsername" in AuthToken domain
2. Implement a new SwitchFilter similar to Springs SwitchFilter
3. This new filter will set the impersonating users username in "username" column and updates the originalUsername with current logged username.
4. Define and add the filter to filterChain in

resources.groovy

restTokenValidationFilter(SwitchFilter) {
   // injections
} 
SpringSecurityUtils.registerFilter 'restSwitchFilter', SecurityFilterPosition.ANONYMOUS_FILTER.order + 1