Hi guys I some help managing if we could say a user Session ImpersonationI have role schema implemented in my application, to keep it simple lets say that I have 2 roles
System Admin
Normal User
when a user log into the system they got redirected to their specific module EX: if the user is an administrator they got redirect to the admin section, so far no problem at all this is just to give you some context.One of the features for the system administrator is the ability to impersonate a Normal user Account that way they can perform any action as a regular user, the way that I did it was simple I just logged the system admin and re-authenticate as the user, the problem is when the same administrator want to be in more than one account at the same time, following that method I override the cookie session with the latest information so if I have 2 tabs for example and I decided to go to a previous tab when I refresh the tab the information that the system admin will get is the latest, so I was thinking about the possibility of trying to mix cookieless sessions to get all information into the url to in theory have multiple asp.net sessions.so the question is if that's possible, if the system is using cookie storage by default, can I have both system running at the same time? can I have the cookie system by default and set the cookieless system via programming?I just don't want to pass manually the user Id among all the actions and persist that information via query-string myself because at this stage that will practically break my code and I'll have to refactor a huge section of the systemAny comment will be totally welcome!
