When do I use impersonation in ASP.NET 2.0?

From Guidance Share

Revision as of 06:29, 16 October 2006; Admin (Talk | contribs)
(diff) ←Older revision | Current revision | Newer revision→ (diff)
Jump to: navigation, search

J.D. Meier, Prashant Bansode, Alex Mackman


You should use impersonation in an ASP.NET application when you need to access local resources using security context of the original caller or a fixed identity. Impersonation of the authenticated caller is established with the following configuration

<identity impersonate="true"/>

By default any resources accessed by ASP.NET application are accessed under the security context of the ASP.NET process identity. In IIS 6.0 that is the NT Authority\Network Service account by default. Furthermore, impersonation can be fixed for the lifetime of the entire HTTP request or it can be enabled programmatically.

More Information

For more information on using impersonation, see “How To: Use Impersonation and Delegation in ASP.NET 2.0” at http://msdn.microsoft.com/library/en-us/dnpag2/html/PAGHT000023.asp

Personal tools