diff --git a/uw-spring-security-web/src/main/java/edu/wisc/uwss/impersonation/SwitchUserOnHeaderFilter.java b/uw-spring-security-web/src/main/java/edu/wisc/uwss/impersonation/SwitchUserOnHeaderFilter.java
index 08db336e2a83b71a2487e14be7926f3bd2d0406d..2eb968f5f8f11bac92c9d737da9e451eaf39ed09 100644
--- a/uw-spring-security-web/src/main/java/edu/wisc/uwss/impersonation/SwitchUserOnHeaderFilter.java
+++ b/uw-spring-security-web/src/main/java/edu/wisc/uwss/impersonation/SwitchUserOnHeaderFilter.java
@@ -302,13 +302,16 @@ public class SwitchUserOnHeaderFilter extends GenericFilterBean {
* {@link GrantedAuthority#getAuthority()} equals {@link #getRequiredGrantedAuthority()}.
*/
protected boolean matchesRequiredGrantedAuthority(Authentication authentication) {
- if(authentication == null || CollectionUtils.isEmpty(authentication.getAuthorities())) return false;
- for(GrantedAuthority authority : authentication.getAuthorities()) {
- if(authority.getAuthority().equals(getRequiredGrantedAuthority())) {
- return true;
+ boolean result = false;
+ if(authentication != null) {
+ for (GrantedAuthority authority : authentication.getAuthorities()) {
+ if (authority.getAuthority().equals(getRequiredGrantedAuthority())) {
+ result = true;
+ }
}
}
- return false;
+ logger.debug("matchesGrantedAuthority for authentication {}, looking for {}, returning {}", authentication, getRequiredGrantedAuthority(), result);
+ return result;
}
/**
@@ -326,7 +329,6 @@ public class SwitchUserOnHeaderFilter extends GenericFilterBean {
}
return result;
}
- logger.warn("detected request attempting to use switch user header {} by authentication {}", getSwitchUserHeaderName(), authentication);
return false;
}
/**
@@ -344,7 +346,6 @@ public class SwitchUserOnHeaderFilter extends GenericFilterBean {
}
return result;
}
- logger.warn("detected request attempting to use switch exit header {} by authentication {}", getSwitchExitHeaderName(), authentication);
return false;
}
/**