1

I have a ASP.NET MVC 5 WebApp using EF6. I've used identity for managing user account. Now I've a structure that under a user there can be sub users. Now what if I need to log in into sub user account without knowing his password? The password is stored encrypted in DB.

Is that possible? If not what are the work around.

Ashish Charan
  • 2,347
  • 4
  • 21
  • 33
  • Why do you need to log into other user's accounts? I've never needed to do this. – spender Apr 01 '15 at 12:56
  • Perhaps you can do some magic with Roles? – Dion V. Apr 01 '15 at 12:56
  • The point of having different accounts is to NOT be able to do that. Superuser should have role or claims to modify what his subusers can, but not to log with their accounts – tmg Apr 01 '15 at 12:59
  • It's very useful, for viewing pages as though you're the user. You can see what the user sees, and makes finding their specific issues much easier. – mfanto Apr 01 '15 at 15:25
  • I think this is a very interesting problem regardless of whether its a good idea to implement . FYI you might want to hash all of the users details otherwise there could be an issue with legal stuff .California for instance has the [Online Privacy Protection Act](http://en.wikipedia.org/wiki/Online_Privacy_Protection_Act) . So you would have to be very explicit in your privacy policy that the admin has this type of control. –  Apr 01 '15 at 16:44
  • Maybe this helps you: [http://stackoverflow.com/questions/24161782/how-do-i-use-asp-net-identity-2-0-to-allow-a-user-to-impersonate-another-user][1] – asat Apr 03 '15 at 12:43

0 Answers0