I am trying to set up an impersonation feature on our site that allows the admin to revert when they are done. The impersonation part works fine, but reverting is a problem. When I try to revert, it fails because the admin is "already logged in." I don't want to log the admin out until I know that that they can successfully impersonate. As far as I can tell, this can only be determined when AuthenticateUser is called. If successful, at that point we are using the impersonated user's account. If the impersonated user is not an admin, I have not been able to find a way to log out the impersonating admin's account and let them reauthenticate.
Does anyone have an idea how to get around this?
I could create another admin account, but that carries its own set of issues
Hi Brian. Not sure if it will helps for you, but you can try to enable self-logout "Automatically logout backend users from other HTTP clients on login"