expiring passwords with impersonated identity
From: Anton Sokolovsky (anton_at_infopulse.com.ua)
Date: 10/26/04
- Next message: Scott Allen: "Re: CreateDirectory working inconsistantly from ASP.net"
- Previous message: Patrick.O.Ige: "Re: Forms Auth and FormsAuthentication.SignOut()Question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 26 Oct 2004 12:07:44 +0300
Hi all !
Imagine ASP.NET application impersonating specific identity with webconfig:
<identity impersonate="true" userName="accountname" password="password" />
When accountname user is specially created to run this application and noone
uses it for interactive logon, there is no standard way to change the
password when it expires. This leads to ASP.NET application failing with
code 500.
There are 2 workarounds in this case that I came up to:
1. Try impersonating the user in the code for each page, and if fails
redirect to the page that gives the ability to change the password.
2. Same as #1 but done only once - in default.aspx
Question is: whith impersonation in default.aspx will the token be
application wide - used for any other subseqent page request within this
application, or it's scope is just a single page. Point is to reach
application-wide impersonation with a piece of code rather than using
webconfig.
Sorry if this question has been asked previously, but I cannot find it.
Thanks,
Anton.
- Next message: Scott Allen: "Re: CreateDirectory working inconsistantly from ASP.net"
- Previous message: Patrick.O.Ige: "Re: Forms Auth and FormsAuthentication.SignOut()Question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
