RE: SetPrincipalPolicy in ASP.NET

Hi Richlm,

From your description, you're wantting to build a trusted sub-system for
your ASP.NET application and wonder what's the proper way to configure
ASP.NET security settings, correct?

Based on my experience, the "AppDomain.CurrentDomain.SetPrincipalPolicy" is
seldom used in ASP.NET application. ASP.NET application has its own
security settings:

** the authentication (in IIS and ASP.NET side)

** the impersonate

the authentication will control whether the IIS will forward security
credential of client to ASP.NET and whether ASP.NET will populate it in
current Thread's principal. The impersonate will control whether the
ASP.NET will change the current worker thread's security account(either the
one you set in web.config or the account forwarded from IIS/CLIENT).

For your scenario, a typical trusted sub-system mainly require a powerful
process account. That means you can change the process account to a custom
account which will have sufficient permission to access any resource your
application requires. And you'll no longer need to do impersonate(to run
thread under client authenticated account or account set in web.config).

Here are some reference about ASP.NET security settings:

#Authentication in ASP.NET: .NET Security Guidance

#Impersonation with ASP.NET 2.0

#How To: Use Impersonation and Delegation in ASP.NET 2.0

#Configuring Process Identity for ASP.NET (IIS 6.0)


Steven Cheng

Microsoft MSDN Online Support Lead

Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:

Get notification to my posts through email? Please refer to

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
This posting is provided "AS IS" with no warranties, and confers no rights.

From: "richlm" <niels_flensted@xxxxxxxxxxxxxxxxx>
Subject: SetPrincipalPolicy in ASP.NET
Date: Wed, 12 Mar 2008 13:12:11 +0100

Just curious really, I want to use a trusted subsystem approach in ASP.NET.
There are various ways to achieve it in config, e.g. impersonating the
anonymous user, but I observed that the following works too:


This results in Thread.CurrentPrincipal being set to the process identity
i.e. IIS worker process account.
Is this acceptable practice or could it cause problems in a web app?

(I had always associated the method with Winforms apps).