From d3c7d79f7f750dddd618d4143a23ca1a584cc406 Mon Sep 17 00:00:00 2001
From: Nicholas Blair <nicholas.blair@wisc.edu>
Date: Thu, 3 Mar 2016 14:30:28 -0600
Subject: [PATCH] Removed unnecessary log noise, added logging to
 matchesRequiredGrantedAuthority

Noise was copied from Spring Security SwitchUserFilter, not relevant to this use case, as it applies to every request, not just a special login attempt.
---
 .../impersonation/SwitchUserOnHeaderFilter.java   | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/uw-spring-security-web/src/main/java/edu/wisc/uwss/impersonation/SwitchUserOnHeaderFilter.java b/uw-spring-security-web/src/main/java/edu/wisc/uwss/impersonation/SwitchUserOnHeaderFilter.java
index 08db336..2eb968f 100644
--- a/uw-spring-security-web/src/main/java/edu/wisc/uwss/impersonation/SwitchUserOnHeaderFilter.java
+++ b/uw-spring-security-web/src/main/java/edu/wisc/uwss/impersonation/SwitchUserOnHeaderFilter.java
@@ -302,13 +302,16 @@ public class SwitchUserOnHeaderFilter extends GenericFilterBean {
    *         {@link GrantedAuthority#getAuthority()} equals {@link #getRequiredGrantedAuthority()}.
    */
   protected boolean matchesRequiredGrantedAuthority(Authentication authentication) {
-    if(authentication == null || CollectionUtils.isEmpty(authentication.getAuthorities())) return false;
-    for(GrantedAuthority authority : authentication.getAuthorities()) {
-      if(authority.getAuthority().equals(getRequiredGrantedAuthority())) {
-        return true;
+    boolean result = false;
+    if(authentication != null) {
+      for (GrantedAuthority authority : authentication.getAuthorities()) {
+        if (authority.getAuthority().equals(getRequiredGrantedAuthority())) {
+          result = true;
+        }
       }
     }
-    return false;
+    logger.debug("matchesGrantedAuthority for authentication {}, looking for {}, returning {}", authentication, getRequiredGrantedAuthority(), result);
+    return result;
   }
   
   /**
@@ -326,7 +329,6 @@ public class SwitchUserOnHeaderFilter extends GenericFilterBean {
       }
       return result;
     }
-    logger.warn("detected request attempting to use switch user header {} by authentication {}", getSwitchUserHeaderName(), authentication);
     return false;
   }
   /**
@@ -344,7 +346,6 @@ public class SwitchUserOnHeaderFilter extends GenericFilterBean {
       }
       return result;
     }
-    logger.warn("detected request attempting to use switch exit header {} by authentication {}", getSwitchExitHeaderName(), authentication);
     return false;
   }
   /**
-- 
GitLab