Hi. I'm site collection administrator/(physical server administrator) in SharePoint (3.0), and I'm debugging other users' rights to access some of our own features. Is it possible, in any way, to log in as another user(with his/her rights) without knowing his password? I can create my own 'dummy' user assigned to same groups, but looking in 100+ groups if user is there isn't what I want to do this evening. Thanks.
-- y
I don't know if you can impersonate from UI only, but you can do it pragmatically.
I am not 100% sure, but I think you could create ASP.NET page that would handle the impersonation, thus leaving you logged in as the user you want. You could certainly run code to determine what you have access to if you are looking for something specific.
Here is a post about how to run impersonation code:
http://blackninjasoftware.com/2009/04/09/how-to-programmatically-impersonate-users-in-sharepoint/
I figured it out another way (my post for serverfault):
So. The solution is following: (not clean, but working)
1) write own IHttpModule, containing:
class LoginModule {
public void Init(HttpApplication context)
{
context.PreRequestHandlerExecute += new EventHandler(UglyHack);
}
void UglyHack(object sender, EventArgs e)
{
HttpCookie wannabe = (HttpContext.Current.Request.Cookies["_sp_admin_wanna_be_user"]);
if (wannabe != null && SPContext.Current.Web.CurrentUser.IsSiteAdmin)
{
SPWeb cw = SPContext.Current.Web;
typeof(SPWeb).GetField("m_CurrentUser", BindingFlags.NonPublic | BindingFlags.Instance).SetValue(
SPContext.Current.Web,
cw.AllUsers[wannabe.Value]);
}
}
}
2) Sign it
3) GAC it
4) to web.config().
Voila! Youre the man. :) (of course i added logic to add cookie setting to menu, security, etc..)
sounds interesting!
How does it work exactly? or how do u add other logic: add cookie setting to menu, security?
More details will be helpful.........
thanks,
guangming