Skip to main content

Tomasz Nurkiewicz: su and sudo in Spring Security applications

A long time ago I worked on a project that had a quite powerful feature. There were two roles: user and supervisor. Supervisor could change any document in the system in any way while users were much more limited to workflow constraints. When a normal user had some issue with the document currently being edited and stored in HTTP session, supervisor could step in, switch to special supervisor mode and bypass all constraints...

Community: Java Enterprise