Home/ Questions/Q 755263
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-14T15:06:35+00:00

We have a requirement, wherein the administrative user needs to proxy in as a

  • 0

We have a requirement, wherein the administrative user needs to proxy in as a certain user in an environment where several users (Role: User) are managed by an administrator (Role: Admin).

e.g If we have the following users in the database (admin, user1, user2, user3), we would want the admin to proxy as ‘user2’ and use the system in certain scenarios. Authentication in our web application is based username / password credentials, what mechanisms are available for the admin to proxy as ‘user2’ when he doesn’t have the password for ‘user2’. How can the application track such access for audit purposes to mention that ‘admin’ had proxied for ‘user2’ and performed certain actions.

I am looking for suggestions on supporting this in our j2ee (jboss seam) web application.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can create a custom registerAdminAsUser() method. 

    @Name("authenticationProxy")
public class AuthenticationProxy {

    private @In org.jboss.seam.security.Identity identity;

    /**
      * Starting with Seam 2.1+, you should use Credentials instead of Identity
      * To collect your username and password
      *
      * Your JSF Form should looks like
      *
      * <h:inputText value="#{credentials.username}"/>
      * <h:inputSecret value="#{credentials.password}"/>
      */
    private @In org.jboss.seam.security.Credentials credentials;

    public String registerAdminAsUser2() {

        identity.getCredentials().setUsername("user2");

        /**
          * Here you should provide any role which should be assigned to User2
          */
        identity.addRole("<A_ROLE>");
        identity.addRole("<OTHER_ROLE>");
        identity.addRole("<ANOTHER_ROLE>");

        /**
          * Do not call login method because it will call authenticate one
          * You do not have User2 password
          */
        // identity.login();

        return "loggedIn";
    }

    /**
      * Be aware you may need a unregisterAdminAsUser2
      */

}

    And to enable your proxy, create a commandButton

    <h:commandButton value="register Admin as User2" value="#{authenticationProxy.registerAdminAsUser2}" rendered="#{credentials.username == 'admin'}"/>

    To use some JSF component, do as follows

    <h:commandLink rendered="#{s:hasRole('<ANY_ROLE_ASSIGNED_TO_USER2_GOES_HERE>')}"/>

    I hope it can be useful to you!

    • 0