K
Kyle M. Burns
I've got a web app using the membership and role providers that needs to be
enhanced to support temporarily changing the logged in user () to support
performing actions with elevated privileges. The pages currently check
security using Page.User.IsInRole and auditing information is supplied to the
remote business objects using HttpContext.Current.User. Anybody have some
examples/direction on how to temporarily inject a new user so that the
existing code does not have to be aware? I'm envisioning putting an
"override" widget on my master page that allows someone to provide alternate
credentials to change the current user, provides visual indication that
override is activated, and provides a mechanism to remove the override and
return the actual user back to "current".
enhanced to support temporarily changing the logged in user () to support
performing actions with elevated privileges. The pages currently check
security using Page.User.IsInRole and auditing information is supplied to the
remote business objects using HttpContext.Current.User. Anybody have some
examples/direction on how to temporarily inject a new user so that the
existing code does not have to be aware? I'm envisioning putting an
"override" widget on my master page that allows someone to provide alternate
credentials to change the current user, provides visual indication that
override is activated, and provides a mechanism to remove the override and
return the actual user back to "current".