What is Impersonation in ASP.NET?
Impersonation is an act of a user to pretend itself to be another
user. By default, ASP.NET executes application code using the same user
account as that of ASP.NET process i.e. Network Service. But with
impersonation enabled, it executes code with the windows identity of the
user making the request.
For example, if a user ‘user1′ logged in and IIS is setup to run as
Network Service. If ‘user1′ call a piece of code on another computer
(may be a web service call), the other computer will see the IIS user
instead of ‘user1′. But we can enable impersonation to allow ‘user1′ to
access the web service using its windows identity instead of Network
Service.
How to configure Impersonation in ASP.NET?
By default, impersonation is disabled in ASP.NET. Impersonation can be Enabled/Disabled as follows:
</configuration>
<system.web>
<identity impersonate=”true”/> <! — To disable set impersonate=”false” –>
</system.web>
</configuration>
Impersonate a specific user account as:<system.web>
<identity impersonate=”true”/> <! — To disable set impersonate=”false” –>
</system.web>
</configuration>
<identity impersonate=”true” userName=”user” password=”pwd” />
No comments:
Post a Comment