Allowing Context Impersonation
There may be cases in which you want to allow a user to impersonate another user. For example, impersonation is used by the default Java Content Repository (JCR) Client. The JCR session is created as a system user (SysAdmin by default) with a known password and then the JCR session uses impersonation to switch to the real current user. This impersonation makes it possible for the current user to log into the JCR repository.
We do not recommend that you use the SysAdmin user to implement context impersonation, but another way to do so is to create a user with the Impersonate Users Functional Privilege set.
To set the Impersonate Users Functional Privilege for a user, see
Managing Access Privileges and Functional
Privileges.
On the Permissions panel, Impersonate Users is located at Functional Privileges > MWS > Impersonate Users.