public static bool ImpersonateUser(string username, string password)
{
if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
return false;
CustomIdentity identity = new CustomIdentity(username, password);
if (!identity.IsAuthenticated) { return false; }
CustomPrincipal principal = new CustomPrincipal(identity);
// Make the custom principal be the user for the rest of this request.
HttpContext.Current.User = principal;
return true;
}