Re: Who am I impersonating?

From: Aaron Margosis [MS] (aaron.margosis.ms_at_online.microsoft.com)
Date: 02/27/04 

Date: Fri, 27 Feb 2004 02:28:54 -0500

If the question is, "can I impersonate the caller in such a way that I can
access network resources as that caller", then:

If you are using integrated Windows authentication at the IIS level, the
answer is "no", unless:
* You enable Kerberos delegation for the account and the machines involved
in the delegation, or
* Your web browser is on the same machine as the web server.

If you are using Basic authentication at the IIS level, the answer is "yes"
if Basic auth is configured to use "interactive" logon. This is the default
for IIS5. (I'm blanking all of a sudden as to whether it is the default for
IIS6, but I think it isn't.)

-- Aaron

"Gary Bagen" <garbage400@hotmail.com> wrote in message
news:8b702e36.0402261607.41a8b185@posting.google.com...
> Is there a way I can get the user of the identity I will be
> impersonating to get network resources?
>
> I know WindowsIdentity.GetCurrent().Name for the person coming into
> the ASP.NET app but I want to do some testing of different
> combinations of impersonating based on Anon, Windows Auth, and
> impersonate = true in web.config. So I am looking for the identity
> that will be used for the ASP.NET app to go to a network resource.
>
> thanks,
> Gar

Relevant Pages

  • Re: Who am I impersonating?
    ... For production, what we plan on doing is using the ProcessModel ... with my ASP.NET temporary test app, I just wanted to display the name ... try and use network resources from the ASP.NET app. ... >> impersonating to get network resources? ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Who am I impersonating?
    ... impersonating to get network resources? ... combinations of impersonating based on Anon, Windows Auth, and ... that will be used for the ASP.NET app to go to a network resource. ...
    (microsoft.public.dotnet.framework.aspnet.security)