When using Windows Authentication I can't disable impersonation
Question
I have the application pool of a web application set to run as a user called WebUser.
I have the following sections in my web.config:
<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>
<identity impersonate="false" />
I have created a file called a.txt and given only WebUser permissions on it. If I navigate to this file then I get a 401 error. However if I give my own user account access to this file then I can access it.
So it seems that the application is impersonating my identity. How can I make it run as the application pool user instead?
EDIT: Also - if I enable impersonation and make it impersonate WebUser then I still get a 401 error.
Thanks,
Joe
1 answers
solution1
0 2014-09-24 10:04:34
Ok I solved this by going to the site's advanced settings and changing the Physical Path Credential Logon Type to Interactive. I also had to set Physical Path Credentials to Specific User and enter WebUser's credentials, this stopped it from impersonating the authenticated user when accessing files.
Joe
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.