Re: Multiple Users with impersonation using one account
- From: Dominick Baier [DevelopMentor] <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 27 Dec 2005 12:40:37 -0800
Hi,
you don't need impersonation to check for user identity - Context.User.Identity.Name is populated with the clients name
is there any other need for impersonation??
you can revert back to process identity by calling WindowsIdentity.Impersonate(IntPtr.Zero) or use LogonUser to get a token for a different user that you can impersonate. But this also requires the password.
Windows Server 2003 also offers Protocol Transition which allows you to get a token without knowledge of the password.
But you should sort out first if impersonation is a requirement.
--------------------------------------- Dominick Baier - DevelopMentor http://www.leastprivilege.com
Hi All,
I have several intranet applications that use impersonate=true and anonymous turned off to allow me to check for certain network users to use the application. Works great.
However, some applications use resources such as the file system for writing temporary files, or for opening files on other network servers. I don't want to maintain all of the security for each user on each resource. Is there a way to specify "when opening this file, don't use the credentials of who is logged in, use mydomain\joeuser instead?
Thanks, Jeff
.
- Follow-Ups:
- References:
- Prev by Date: Multiple Users with impersonation using one account
- Next by Date: Re: Multiple Users with impersonation using one account
- Previous by thread: Multiple Users with impersonation using one account
- Next by thread: Re: Multiple Users with impersonation using one account
- Index(es):
Relevant Pages
|
|
