spring-security icon indicating copy to clipboard operation
spring-security copied to clipboard

Published 20 hours ago verified publisher icon spring-projects

Missing JSON session support for "impersonate" (SwitchUserGrantedAuthority)

Open markusheiden opened this issue 2 years ago • 2 comments

Expected Behavior

"Impersonate" (SwitchUserGrantedAuthority) is supported by JSON session serialization (SecurityJackson2Modules).

Current Behavior

Not supported -> Exception.

Context

I want to use JSON sessions. SwitchUserGrantedAuthority is the only missing element that our application is using.

markusheiden avatar Aug 31 '22 16:08 markusheiden

Hi @markusheiden, thanks for opening.

I'm wondering whether you have tried registering your own mixin(s) as a workaround for having the mixin in the framework itself? I would not expect switch user to be very common, which is possibly why it's not included.

sjohnr avatar Sep 06 '22 13:09 sjohnr

Hi @sjohnr,

I did register it myself in our application and it works fine.

I try to always contribute back the stuff that fixes my problems with OSS, so I did the MR.

IMO this functionality is well-documented "standard" Spring Web stuff and should be supported. I think that nobody noticed it missing because not that many people know about JSON serialization.

markusheiden avatar Sep 06 '22 15:09 markusheiden