Spring Security Missing JSON session support for "impersonate" (SwitchUserGrantedAuthority)

Expected Behavior

"Impersonate" (SwitchUserGrantedAuthority) is supported by JSON session serialization (SecurityJackson2Modules).

Current Behavior

Not supported -> Exception.

Context

I want to use JSON sessions. SwitchUserGrantedAuthority is the only missing element that our application is using.

Comment From: sjohnr

Hi @markusheiden, thanks for opening.

I'm wondering whether you have tried registering your own mixin(s) as a workaround for having the mixin in the framework itself? I would not expect switch user to be very common, which is possibly why it's not included.

Comment From: markusheiden

Hi @sjohnr,

I did register it myself in our application and it works fine.

I try to always contribute back the stuff that fixes my problems with OSS, so I did the MR.

IMO this functionality is well-documented "standard" Spring Web stuff and should be supported. I think that nobody noticed it missing because not that many people know about JSON serialization.