Security in .NET Impersonation

Impersonation in .Net allows you to run an application in a particular user account which is determined by you. Usually the account in which the application runs is ASPNET or NETWORK SERVICE depending on the version of IIS you are running in your machine.

With IIS 5.0 the ASPNET account is used and it is not possible to override this account in the web.config file. In the IIS 6.0 you can configure this in the web.config file so that you can run the application on a different user account.

In the web.config file you can include the line,
<identity impersonate = “true” /> to enable impersonation. You can also impersonate for a particular user with the syntax, <identity impersonate = “true” username = “user_name” password = “user_pwd” />

So with the configuration in the web.config file you can run the application under a different user account. Although you might have different authentication models the underlying account in which the application runs is not changed. The security context is not changed although authentication is a tool. With classic ASP, this is not possible.







______________________________________________________

Recommended Resource



| Security in .NET Impersonation | ASP.NET Impersonation for a specific user | Implementing Impersonation in ASP.NET | Identity Impersonation in .NET | How to Enable and Disable Impersonation in ASP.NET |



_______________

FREE Subscription

Stay Current With the Latest Technology Developments Realted to .NET. Signup for Our Newsletter and Receive New Articles Through Email.

Name:

Email:

Note : We never rent, trade, or sell our email lists to anyone. We assure that your privacy is respected and protected.


 

| Privacy Policy for www.dotnet-guide.com | Disclosure | Contact |

Copyright - © 2004 - 2017 - All Rights Reserved.