asp.net web.config impersonation vs application pool identity
Question
If I impersonate a user in the web.config but the application runs under an application pool which uses another identity, which identity would be used when you access resources (say files) on the server?
Another question, can you run a page under a separate identity from rest of the application?
2 answers
solution1
11 2012-01-05 15:54:29
When you access resources on the server the user will be the one specified on the impersonation configuration NOT the one on the application pool
Impersonation enabled for a specific identity. In this instance, ASP.NET impersonates the token generated using an identity specified in the Web.config file.
<identity impersonate="true"
userName="domain\user"
password="password" />
Impersonation enabled. In this instance, ASP.NET impersonates the token passed to it by IIS, which is either an authenticated user or the anonymous Internet user account.
<identity impersonate="true" />
Source: MSDN
In case you're interested, here you have an article with a Identity matrix for different impersonate scenarios.
And yes, you can impersonate programatically as Alex Dn said
solution2
0 2012-01-05 15:50:54
1) In web.config.
2) You can do impersonation in code behind: http://support.microsoft.com/kb/306158
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.