Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Impersonate a membership user in ASP.NET

In a generic asp.net website with Membership, Roles and hashed passwords enabled, I would like to provide the administrators with impersonation so that they may browse the website as that user would. The website should function as if that user is logged on and then be able to revert to their own login.

What is the best approach to achieve this?

An example use-case: A website with two types of users: 'Buyer' and 'Admin'. The website provides a 'Purchase' button to buy something specifically provided to the user by the admins. i.e only that buyer can use the purchase button and make a payment. User has trouble so a support admin can 'impersonate' the user's login and purchase on their behalf or 'see' the trouble they are facing.

Without impersonation, the only way is to allow this in code and that negates the purpose of 'seeing the user's issue'. Not even if I was not using hashed passwords and had used FormsAuthentication.SignOut() and manually logged in the admin as the user.

I hope i am making sense above.

like image 933
Vaibhav Garg Avatar asked Oct 20 '11 13:10

Vaibhav Garg


1 Answers

Take a look at this sample on codeproject.com. I think it does what you're looking for.

like image 116
Greg Enslow Avatar answered Oct 16 '22 13:10

Greg Enslow