ASP.NET - Forms authentication user impersonation

Christ Akkermans

Rate me:

4.63/5 (19 votes)

12 Nov 2009CPOL10 min read

120.4K

4.4K

An ASP.NET class and accompanying control for providing application support users with a 'login as user ...' function the right way.

formsauthenticationuserimpersonation_example.zip
- App_Code
  - ReadOnlyXmlMembershipProvider.cs
- App_Data
  - Users.xml
- Bin
  - FormsAuthenticationUserImpersonation.dll
- Default.aspx
- Default.aspx.cs
- Deimpersonate.aspx
- Login.aspx
- MasterPage.master
- Private
  - Alice.aspx
  - Alice.aspx.cs
- Web.config
formsauthenticationuserimpersonation_bin.zip
- FormsAuthenticationUserImpersonation.dll
formsauthenticationuserimpersonation_src.zip
- FormsAuthenticationUserImpersonation
  - bin
    - Release
      - FormsAuthenticationUserImpersonation.dll
  - FormsAuthenticationUserImpersonation.csproj
  - FormsAuthenticationUserImpersonation.sln
  - LoginUserImpersonation.cs
  - Properties
    - AssemblyInfo.cs
  - UserImpersonation.cs

<?xml version="1.0"?>
<!-- 
    Note: As an alternative to hand editing this file you can use the 
    web admin tool to configure settings for your application. Use
    the Website->Asp.Net Configuration option in Visual Studio.
    A full list of settings and comments can be found in 
    machine.config.comments usually located in 
    \Windows\Microsoft.Net\Framework\v2.x\Config 
-->
<configuration>
	<appSettings/>
	<connectionStrings/>
	<system.web>
		<!-- 
            Set compilation debug="true" to insert debugging 
            symbols into the compiled page. Because this 
            affects performance, set this value to true only 
            during development.
        -->
		<compilation debug="true"/>
		<!--
            The <authentication> section enables configuration 
            of the security authentication mode used by 
            ASP.NET to identify an incoming user. 
        -->
		<authentication mode="Forms"/>
		<!--
            The <customErrors> section enables configuration 
            of what to do if/when an unhandled error occurs 
            during the execution of a request. Specifically, 
            it enables developers to configure html error pages 
            to be displayed in place of a error stack trace.

        <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
            <error statusCode="403" redirect="NoAccess.htm" />
            <error statusCode="404" redirect="FileNotFound.htm" />
        </customErrors>
        -->
		<membership defaultProvider="AspNetReadOnlyXmlMembershipProvider">
			<providers>
				<add name="AspNetReadOnlyXmlMembershipProvider" type="ReadOnlyXmlMembershipProvider" description="Read-only XML membership provider" xmlFileName="~/App_Data/Users.xml"/>
			</providers>
		</membership>

    <pages>
      <controls>
        <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="FormsAuthenticationUserImpersonation" />
      </controls>
    </pages>
	</system.web>
  <location path="Private">
    <system.web>
      <authorization>
        <allow users="Alice" />
        <deny users="*" />
      </authorization>
    </system.web>
  </location>
</configuration>

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Written By

Christ Akkermans

Netherlands

Developer at AlertA contractbeheer.

ASP.NET - Forms authentication user impersonation

License

Comments and Discussions