we have an ASP.net web application running on IIS7. We have multiple users, but we don't always know their password. Here's what we'd like to be able to do:
Login as some sort of administrator, be presented with our current list of users, click some sort of "Run as John Doe user", at which point we'd be able to see the application (or certain pages) as that user.
We're looking to do this in a support/debugging capacity. I've looked into ASP.net's Impersonation, but that doesn't seem to apply here.
Any help/advice is appreciated. If I'm living in a d开发者_高级运维ream world, please let me know.
If you are using forms authentication all you need to do is to emit an authentication cookie with the username of the user you are trying to impersonate:
// Need to be signed as administrator in order to be
// able to impersonate
if (User.IsInRole("Administrator"))
{
FormsAuthentication.SetAuthCookie("johndoe", false);
}
and on the next request you will be John Doe. You could also store some value in the session to indicate that this is an administrator acting on behalf of John Doe if you ever needed this information.
If you are using Windows NTLM authentication I don't think this is possible (please correct me if I am wrong).
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论