Re: How can I impersonate a user in code?

That NotSupportedException is pretty weird. I'm not sure what might cause
that. Can you show the full stack trace for the exception? I'd like to
know where it is coming from.

Joe K.

"Friso Wiskerke" <friso@xxxxxxxxxxxxx> wrote in message
news:%23BrDhDuMGHA.3272@xxxxxxxxxxxxxxxxxxxxxxx
Joe,

this is the example I tried to use in the web application but failed with
a NotSupported exception when calling the newId.Impersonate method.
There's no problem executing the code in a windows application though.

I think the best way for me at the moment is to use the web.config and
specifically specify the page(s) that the impersonation applies to as
stated in MikeS reply.

Thanx non the less...

Cheers,
Friso Wiskerke


"Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx> wrote
in message news:ukylI8kMGHA.2604@xxxxxxxxxxxxxxxxxxxxxxx
You can also use the LogonUser API to do this. That's the typical way.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/frlrfSystemSecurityPrincipalWindowsImpersonationContextClassTopic.asp?frame=true

Note that if you were trying to use the WindowsIdentity constructor that
takes a UPN, there are bunch of restrictions on how it can be used. That
is the "protocol transition" constructor. PT only works if your AD
forest is 2003 native mode and the client OS is 2003 or higher. Also,
you can only use the returned WindowsIdentity for impersonation to access
local resources if the calling account has "act as part of the operating
system" privilege. Only SYSTEM has this by default.

HTH,

Joe K.

"MikeS" <michael.spencer@xxxxxxxxx> wrote in message
news:1140009603.544490.327090@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
You might use a location tag to specify that only the page you post to
impersonates.

<location path="upload.aspx">
<system.web>
<identity impersonate="true" userName="UID"
password="PWD"></identity>
</system.web>
</location>







.

Relevant Pages