I often need to log in as different users, and because the passwords are encoded in the DB I have to replace the encoded password for the user in the DB with one that I know. This takes a lot of time and it's easy to mess things up.
Is there a way to make a "super password" so that I would be able to log in as any user?
You could impersonate the users :wink:
http://symfony.com/doc/current/security/impersonating_user.html
@gogoseo does this solve your problem?
@dmaicher well, to be honest I don't see a way how I could make this work for me. In my case Symfony is just a "backend" that communicates via JSON with my "frontend" rich one-page UI written in a JS framework.
So on "login" user-specific data is sent to the frontend to display and preserve. I don't see a simple way where I would now just call some Symfony URL (http://example.com/somewhere?_switch_user=thomas) and my frontend would behave as it should.
I wish there were a simple solution to define a "master" password that would allow the admin to log in to every user's account.
Would this compromise every account if someone got hold of the master password?
How would it work, would you log in with the username and the master password?
What happens if a user registers with the same password?
Robwent,
Would this compromise every account if someone got hold of the master password?
1) Yes, it would compromise it, but this password would be the most secure password created, as only I would know it. So this is really not a big concern for me.
How would it work, would you log in with the username and the master password?
2) Yes.
What happens if a user registers with the same password?
3) My "master password" would be so complicated no one would register with the same. But even if someone registers with the same password, he would only use it with his own username, not realizing it's a "master password".
Well, I just hope this is optional as it seems to be security through obscurity.
Someone might create a master password that isn't as complicated as they think.
A user may register the same password and figure out that it gives them access to any other account.