The code is based on decompiling the Microsoft.TeamFoundation.WebAccess which has the “Sign in as a different User” function.
namespace WindwsAuthTest.Controllers { public class HomeController : Controller { public ActionResult Index() { ViewBag.Message = "Welcome to ASP.NET MVC!"; return View(); } public ActionResult About() { return View(); } public ActionResult Logout() { return View(); } public ActionResult SignInAsDifferentUser() { HttpCookie cookie = base.Request.Cookies["TSWA-Last-User"]; if (base.User.Identity.IsAuthenticated == false || cookie == null || StringComparer.OrdinalIgnoreCase.Equals(base.User.Identity.Name, cookie.Value)) { string name = string.Empty; if (base.Request.IsAuthenticated) { name = this.User.Identity.Name; } cookie = new HttpCookie("TSWA-Last-User", name); base.Response.Cookies.Set(cookie); base.Response.AppendHeader("Connection", "close"); base.Response.StatusCode = 0x191; base.Response.Clear(); //should probably do a redirect here to the unauthorized/failed login page //if you know how to do this, please tap it on the comments below base.Response.Write("PageResources.UnauthorizedAccessMessage"); base.Response.End(); return RedirectToAction("Index"); } cookie = new HttpCookie("TSWA-Last-User", string.Empty) { Expires = DateTime.Now.AddYears(-5) }; base.Response.Cookies.Set(cookie); return RedirectToAction("Index"); } } }
Advertisement