:wave:
So we're building this website and we've decided to use forms security. We've added users and roles and put code in to control the display of certain functionality based upon User roles. It's all working great except for one thing.
Developers don't like to login to the website every time they want to test a page. So they do things like add a line to web.config like <allow users="*" /> right below <authorization >. This gets them past security, but then we get errors when we check User.IsInRole.
I know this can't be a new problem. How do development teams seemlessly turn forms authentication on and off while doing development?
So we're building this website and we've decided to use forms security. We've added users and roles and put code in to control the display of certain functionality based upon User roles. It's all working great except for one thing.
Developers don't like to login to the website every time they want to test a page. So they do things like add a line to web.config like <allow users="*" /> right below <authorization >. This gets them past security, but then we get errors when we check User.IsInRole.
I know this can't be a new problem. How do development teams seemlessly turn forms authentication on and off while doing development?