User Switcher for Cascade Server
Upcoming SlideShare
Loading in...5
×
 

User Switcher for Cascade Server

on

  • 285 views

Pima Community College has created a User Switcher tool that allows Cascade Server administrators to log in as another user without a password. Learn how the User Switcher works and how you can use it ...

Pima Community College has created a User Switcher tool that allows Cascade Server administrators to log in as another user without a password. Learn how the User Switcher works and how you can use it in your own CMS!

Statistics

Views

Total Views
285
Views on SlideShare
285
Embed Views
0

Actions

Likes
0
Downloads
0
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

User Switcher for Cascade Server User Switcher for Cascade Server Presentation Transcript

  • User Switcher for Cascade Server Leah Einecker Pima Community College
  • Why? Verifying permissions / user setup User support General awesomeness
  • The easy part <form method="POST" action="doSwitch.jsp"> Who do you want to be today?<br /> <input type="text" name="wannabe" /> <input type="submit" value="Go" /> </form>
  • Check the submitted data if (wannabe == null) { response.sendRedirect("index.jsp"); } /* dunno what happens if you try to log in as username “!@$#!''%%--!#”. */ wannabe = wannabe.replaceAll("[^-w]", ""); String wannabe = request.getParameter("wannabe");
  • Check the user LoginInformationBean LoginInformationBean loginInfoBean = (LoginInformationBean)session.getAttribute("user"); String username = loginInfoBean.getUsername(); com.hannonhill.cascade.view.beans.security.
  • Dispensing beans org.springframework.context.ApplicationContext ApplicationContext appCtx = WebApplicationContextUtils.getWebApplicationContext( pageContext.getServletContext()); appCtx.getBean("myBeanName"); [cascade]/ROOT/WEB- INF/classes/com/hannonhill/cascade/config /spring/[xml files]
  • Dispensing services com.hannonhill.cascade.model.service. ServiceProviderHolderBean ServiceProviderHolderBean.getServiceProvider(). get___Service() [cascade]/ROOT/WEB- INF/classes/com/hannonhill/cascade/config /spring/applicationContextServices.xml
  • Verify role with RoleService if (!roleService.userHasRoleByRolename( username,"Administrator" )){ err = "Only Administrators can do that!"; } com.hannonhill.cascade.model.service.RoleService
  • A magical login bean com.hannonhill.cascade.view.struts.security. StrutsPerformLogin StrutsPerformLogin performLoginBean = (StrutsPerformLogin)appCtx.getBean("performLogin");
  • ...and login ! { performLoginBean.login(request, response, wannabe); } catch (Exception e) { err = "<p>A problem occurred logging you in! “ + "Did you enter an incorrect username?</p>“ + " <a href="index.jsp">Try again</a>"; } try
  • Gotchas Logs out the user if logged in elsewhere No tracking or auditing of switch (yet?) Once switched, actions attributed to new user If you switch to non-admin, you can’t switch back!
  • Where does the code go? Create new directory inside Cascade install [tomcat]/webapps/ROOT/pccCustom https://myCMS/pccCustom/path CMS login required! Prevents loss during CMS upgrade / accidental overwrites of Cascade Server code
  • Errors and logs [tomcat]/logs/catalina.out [tomcat]/logs/cascade.log [tomcat]/webapps/ROOT/WEB-INF/classes/ default-logging.properties
  • Free code! https://github.com/PimaCommunityCollege/user-switcher MIT license
  • Questions? Leah Einecker Pima Community College leinecker@pima.edu