X over SSH is a nice feature which allow the X traffic to be encrypted in the SSH tunnel.
Executing su / sudo will although break the X traffic and result in a error

X11 connection rejected because of wrong authentication.
X connection to localhost:10.0 broken (explicit kill or server shutdown).

The problem is that the MIT-MAGIC-COOKIE not will survive sudo/su

Here is a little trick to add the originating users MIT-MAGIC-COOKIE to the end user

# ssh -X <username>@<hostname>
# xauth list

Output similar to:

<hostname>/unix:<display>  MIT-MAGIC-COOKIE-1  <unique MIT-MAGIC-COOKIE key>

Copy output from xauth list (whole line), then sudo / su

As new user:

# xauth add <the output of the above xauth list>
# export DISPLAY=<hostname>:<display>

Hostname & DISPLAY variable, which is also seen in the xauth list.
You might skip the EXPORT DISPLAY command if the DISPLAY variable is already configured correct.