Re: ASP.NET Impersonation in a Windows 2003 non domain member serv



OK - you are talking about delegation. Which is something different.

Yeah - you need domain connectivity for that.


-----
Dominick Baier (http://www.leastprivilege.com)

Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)

Hi Dominick,

Thanks a lot for your answer.

I've tried both approaches you mention. They both work very well in a
domain member server but they don't work in a non domain member server
(cause there are no domain controller to authenticate the user). What
I need is a way to call a server component located at the internal
network by passing it a windows identity credential created at the non
domain member server.

Thanks again for your help.

Best regards,

Johann Granados

"Dominick Baier" wrote:

You need Windows authentication enabled for that.

Then you either generally impersonate for the length of the whole
request using the <identity impersonate="true" /> config switch - or
programmatically by calling

using (((WindowsIdentity)Context.User.Identity).Impersonate())
{
}
-----
Dominick Baier (http://www.leastprivilege.com)
Developing More Secure Microsoft ASP.NET 2.0 Applications
(http://www.microsoft.com/mspress/books/9989.asp)

Hi everybody,

Is it possible to do ASP.NET Impersonation in a windows 2003 non
domain member server (locate at the DMZ)? If so, how can I do that?

Thanks in advance for your kind reply

Best regards,

Johann Granados
Staff DotNet


.