SetPrincipalPolicy in ASP.NET

From: "richlm" <niels_flensted@xxxxxxxxxxxxxxxxx>
Date: Wed, 12 Mar 2008 13:12:11 +0100

Just curious really, I want to use a trusted subsystem approach in ASP.NET.
There are various ways to achieve it in config, e.g. impersonating the
anonymous user, but I observed that the following works too:

AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal).

This results in Thread.CurrentPrincipal being set to the process identity
i.e. IIS worker process account.
Is this acceptable practice or could it cause problems in a web app?

(I had always associated the method with Winforms apps).

.

Follow-Ups:
- Re: SetPrincipalPolicy in ASP.NET
  - From: Dominick Baier
- RE: SetPrincipalPolicy in ASP.NET
  - From: "Steven Cheng"

Prev by Date: how check if file or directory exit in network resource
Next by Date: Re: how check if file or directory exit in network resource
Previous by thread: how check if file or directory exit in network resource
Next by thread: RE: SetPrincipalPolicy in ASP.NET
Index(es):
- Date
- Thread

Relevant Pages

Re: Changing windows passwords remotely
... If you are impersonating the user on the web server side, ... >>I have a C# web app that uses mixed mode authentication (windows ... >> have a form that allows users to change their windows passwords ...
(microsoft.public.dotnet.languages.csharp)
Re: SetPrincipalPolicy in ASP.NET
... Developing More Secure Microsoft ASP.NET 2.0 Applications ... i.e. IIS worker process account. ... Is this acceptable practice or could it cause problems in a web app? ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: Changing windows passwords remotely
... If you are impersonating the user on the web server side, ... >I have a C# web app that uses mixed mode authentication (windows ... > have a form that allows users to change their windows passwords ...
(microsoft.public.dotnet.languages.csharp)