Re: Web App Impersonation



Couldn't you just change the IE settings temporarily so that IWA auth always
prompts for credentials? That is by far the easiest solution I can think
of.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"David" <ddhatman@xxxxxxxxx> wrote in message
news:1152660359.448781.173380@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Ok, so it's not as simple or straightforward as it sounds, but here's
what I'm trying to do:

I have a web app where the user context is, by default, determined by
the user logged on to the machine at the time. (simple) However, we
would like to add the ability for another user to log into the web app,
such that the web app now thinks that it's the new person. Basically,
the User.Identity.Name first reads as 'mydomain\myuser' and after the
login, it reads as 'mydomain\newuser.' This is important, as much of
the user's experience weighs on the built-in functionality/stored
values of the .NET 2.0 Profile object.

I've tried several things and the closest I can get is using the method
outlined here:
http://msdn2.microsoft.com/en-us/library/system.security.principal.windowsimpersonationcontext.aspx
This method will change the context of the .NET process running on the
server. I'm convinced that I can use the 'LogonUser()' function to
determine if the credentials are correct, but I need the web context to
be changed, not the Windows context.

I've been puzzling over this task for a while, and maybe a fresh set of
eyes could help.

Thanks.



.



Relevant Pages

  • Re: GSS-API routine for renewing credentials
    ... GSS-API routine for renewing credentials ... you have to establish a new security context. ... is it a standard protocol? ...
    (comp.protocols.kerberos)
  • Re: Using GSSAPI to Authenticate to AD
    ... As mentioned in the thread above, it is possible to switch to ... different user security context using gss_krb5_ccache_name. ... obtained for an arbitrary account using the gss_acquire_cred function ... point to a ccache file with credentials for the desired account. ...
    (comp.protocols.kerberos)
  • Web App Impersonation
    ... I have a web app where the user context is, by default, determined by ... values of the .NET 2.0 Profile object. ... This method will change the context of the .NET process running on the ...
    (microsoft.public.dotnet.security)
  • Re: Instantiate expensive object *once* in JSP/Tomcat
    ... The startup event would create that object and place it in the web application's context while the shutdown even would trigger cleanup code. ... tied to being used in web app context. ... Regarding ServletContextListener instead of startup servlet: ...
    (comp.lang.java.programmer)
  • RE: SQL Database Connection Size
    ... Check your timeouts (web app, if involved, connection and command). ... > However, if the data is large> 15MB, it is prompt for username and> password. ... > Error Message ... > You do not have permission to view this directory or page using the> credentials that you supplied. ...
    (microsoft.public.dotnet.framework.adonet)