Index: lams_central/src/java/org/lamsfoundation/lams/web/LoginAsAction.java
===================================================================
diff -u -rc7dc0249ead6c4ea15d25498aaf97fa8544f4613 -raca155324b1182b4fc6377e45f366e80f3028a69
--- lams_central/src/java/org/lamsfoundation/lams/web/LoginAsAction.java (.../LoginAsAction.java) (revision c7dc0249ead6c4ea15d25498aaf97fa8544f4613)
+++ lams_central/src/java/org/lamsfoundation/lams/web/LoginAsAction.java (.../LoginAsAction.java) (revision aca155324b1182b4fc6377e45f366e80f3028a69)
@@ -30,49 +30,61 @@ import org.apache.struts.action.ActionForm; import org.apache.struts.action.ActionForward; import org.apache.struts.action.ActionMapping; +import org.lamsfoundation.lams.usermanagement.dto.UserDTO; import org.lamsfoundation.lams.usermanagement.service.IUserManagementService; +import org.lamsfoundation.lams.util.CentralConstants; import org.lamsfoundation.lams.util.MessageService; import org.lamsfoundation.lams.util.WebUtil; +import org.lamsfoundation.lams.util.audit.IAuditService; +import org.lamsfoundation.lams.web.session.SessionManager; +import org.lamsfoundation.lams.web.util.AttributeNames; import org.springframework.web.context.WebApplicationContext; import org.springframework.web.context.support.WebApplicationContextUtils; /** * @author jliew - * + * * @struts.action path="/loginas" validate="false" * @struts.action-forward name="usersearch" path="/admin/usersearch.do" */ public class LoginAsAction extends Action { - - public ActionForward execute(ActionMapping mapping, - ActionForm form, - HttpServletRequest request, - HttpServletResponse response) throws Exception { - - WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(getServlet().getServletContext()); - IUserManagementService service = (IUserManagementService) ctx.getBean("userManagementService"); - MessageService messageService = (MessageService)ctx.getBean("centralMessageService"); - String login = WebUtil.readStrParam(request, "login", false); - - if (service.isUserSysAdmin()) { - if (login!=null && login.trim().length()>0) { - if (service.getUserByLogin(login)!=null) { - // logout, but not the LAMS shared session; needed by UniversalLoginModule - // to check for sysadmin role - request.getSession().invalidate(); - - // send to index page; the following attribute will be cleared there - request.getSession().setAttribute("login", login); - return (new ActionForward("/index.jsp")); - } - } - } else { - request.setAttribute("errorName", 
"LoginAsAction"); - request.setAttribute("errorMessage", messageService.getMessage("error.authorisation")); - return mapping.findForward("error"); + + public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, + HttpServletResponse response) throws Exception { + + WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(getServlet() + .getServletContext()); + IUserManagementService service = (IUserManagementService) ctx.getBean("userManagementService"); + MessageService messageService = (MessageService) ctx.getBean("centralMessageService"); + String login = WebUtil.readStrParam(request, "login", false); + + if (service.isUserSysAdmin()) { + if (login != null && login.trim().length() > 0) { + if (service.getUserByLogin(login) != null) { + + // audit log when loginas + UserDTO sysadmin = (UserDTO) SessionManager.getSession().getAttribute(AttributeNames.USER); + IAuditService auditService = (IAuditService) ctx.getBean("auditService"); + String[] args = new String[]{sysadmin.getLogin() + "(" + sysadmin.getUserID() + ")", login}; + String message = messageService.getMessage("audit.admin.loginas", args); + auditService.log(CentralConstants.MODULE_NAME, message); + + // logout, but not the LAMS shared session; needed by UniversalLoginModule + // to check for sysadmin role + request.getSession().invalidate(); + + // send to index page; the following attribute will be cleared there + request.getSession().setAttribute("login", login); + return (new ActionForward("/index.jsp")); } - - return mapping.findForward("usersearch"); + } + } else { + request.setAttribute("errorName", "LoginAsAction"); + request.setAttribute("errorMessage", messageService.getMessage("error.authorisation")); + return mapping.findForward("error"); } + return mapping.findForward("usersearch"); + } + }
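Review bot: The new audit entry identifies the impersonated account only by the raw `login` request parameter, while the acting sysadmin is recorded with both login and id. The result of `service.getUserByLogin(login)` is discarded, and the parameter is only checked with `login.trim().length() > 0`, never trimmed. So if the lookup matches loosely (how the service compares logins is not visible here), the log holds the caller's spelling rather than the stored account. Keep the returned user object and log its stored login and id instead. Separately, `sysadmin` is read from `SessionManager.getSession().getAttribute(AttributeNames.USER)` and dereferenced without a null check, although authorization is decided by `service.isUserSysAdmin()`. A guard such as `if (sysadmin == null) { return mapping.findForward("error"); }` would route a missing USER attribute to the existing error path instead of a NullPointerException.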