spring security (3.0.x) and user impersonation

Question

In my web application, there are times when an authenticated admin might want to impersonate another valid user of a system without having to know that user\'s password.

Answer 1

If you want an admin user to be able to impersonate another user (eg for QA/Testing purposes), have a look at the SwitchUserFilter

A decent example of the XML config you need is provided here