Re: ASP.NET Impersonation in a Windows 2003 non domain member server

From: Dominick Baier <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Fri, 20 Apr 2007 17:09:06 +0000 (UTC)

You need Windows authentication enabled for that.

Then you either generally impersonate for the length of the whole request using the <identity impersonate="true" /> config switch - or programmatically by calling

using (((WindowsIdentity)Context.User.Identity).Impersonate())
{
}

-----
Dominick Baier (http://www.leastprivilege.com)

Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)

Hi everybody,

Is it possible to do ASP.NET Impersonation in a windows 2003 non
domain member server (locate at the DMZ)? If so, how can I do that?

Thanks in advance for your kind reply

Best regards,

Johann Granados
Staff DotNet

Prev by Date: Re: How to access UNC from ASP.NET application?
Next by Date: Re: ASP.NET Impersonation in a Windows 2003 non domain member serv
Previous by thread: How to access UNC from ASP.NET application?
Next by thread: Re: ASP.NET Impersonation in a Windows 2003 non domain member serv
Index(es):
- Date
- Thread

Relevant Pages

Re: Remote call to COM impersonating another user
... This can be done by calling "CoInitializeSecurity" using PInvoke, when calling CoInitializeSecurity you'll have to set "DynamicCloaking" and the "Impersonate" level for proxies in order to be able to impersonate the "caller" at the server. ... IntPtr asAuthSvc, ...
(microsoft.public.dotnet.languages.csharp)
RE: Occasional SecurityException when impersonating a user on a new th
... Why don't you just use SQL server authentication? ... it won't matter what the identity is of the calling thread. ... the new thread impersonate the local user so that the thread will be ... executes a long running task in a separate thread and refresh the ...
(microsoft.public.dotnet.framework.aspnet)
Re: IIS Filters and SF_NOTIFY_AUTH_COMPLETE Notification
... You should be creating a separate thread to handle this call, ... Can you post the CCI call? ... doing anything before the CCI call (maybe something is calling ... > in order to impersonate the said user. ...
(microsoft.public.inetserver.iis.security)
Re: How to access other machines event log files from a web server?
... whom do you impersonate? ... Dominick Baier - DevelopMentor ... We have a .net web app, which will need to access event log files of ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: identity impersonate=true masks the identity of the app pool for trusted sql connections
... Dominick Baier ... security and their application pool identities according to this ... I have to have the impersonate flag ... local machine account. ...
(microsoft.public.dotnet.framework.aspnet.security)