This plugin allows us to use identity of another user. User have to log in with its real account and can choose to use an another profile. Can be useful for training/learning or development platforms.
Just enable it in the Manager (section “plugins”) by setting a rule. Impersonation can be allowed or denied for specific users. Furthermore, specific identities like administrators or anonymous users can be forbidden to impersonate.
<liclass="level2"><divclass="li"><strong>Use rule</strong>: Allow or deny only specific users to use this plugin</div>
</li>
<liclass="level2"><divclass="li"><strong>Identities use rule</strong>: Rule to define which identities can be spoofed. Useful to prevent impersonation with specific identities like CEO, administrators or anonymous/protected users.</div>
</li>
<liclass="level2"><divclass="li"><strong>Real attributes prefix</strong>: Prefix use to rename user real profile attributes.</div>
</li>
<liclass="level2"><divclass="li"><strong>Hidden attributes</strong>: Attributes not displayed</div>
</li>
<liclass="level2"><divclass="li"><strong>Skip empty values</strong>: Do not use empty profile attributes</div>
</li>
<liclass="level2"><divclass="li"><strong>Merge spoofed and real <abbrtitle="Single Sign On">SSO</abbr> groups</strong>: Can be useful for administrators to keep higher privileges</div>
</li>
</ul>
</li>
</ul>
<divclass="notewarning">You HAVE TO modify <strong>REMOTE_USER</strong> to log both real AND spoofed uid.
Keep in mind that real session is computed first. Afterward, if access is granted, impersonated session is computed with real and spoofed session attributes if Impersonation is allowed.