Ask a Question related to ASP.NET Security, Design and Development.
-
Mark Miller #1
ASP.Net Impersonation
I am trying to understand Impersonation in the ASP.Net context. Here's what
I DO understand:
-Using Windows Authentication with impersonation="true" means that the
aspnet_wp will try and access the resource with the authenticated user's
credentials (token). If access is denied I get an IIS access denied message.
-I can set NTFS permissions on a file/folder and control access w/o using
code simply by assigning rights by user or group.
-setting impersonation="false" still authorizes the user using NTFS
permissions, but instead it is the aspnet_wp account that accesses the file
and checks the permissions. Then if access is denied ASP.Net throws an
exception.
Here's what I DON'T understand:
-What's the difference then between Windows Authentication with
impersonation turned on, and windows impersonation turned off? Other than
where the authorization takes place (ie. aspnet_wp or NTFS).
-When would I want to use one over the other?
Thanks in advance,
Mark Miller
Mark Miller Guest
-
Impersonation
Can someone explain this to me I have a web app I am trying to deploy for the Intranet of our company. I want to use integrated windows so have... -
Impersonation in ASP.Net
Hi, you can enter a domainuser for the anonymous access. Than you just have to activate impersonation for your web application. Modify the... -
Impersonation without DNS?
We are developing an ASP.NET web application with web services which links (2 way) with the Microsoft CRM via its SDK using Windows Authentication.... -
Using Impersonation
Is it ok to use impersonation in the web.config file for a web service? Let me tell you why I ask. My web service to ultimately connection to a... -
ASP.NET Impersonation over VPN?
Has anyone had any issues using Impersonation over a VPN? I work from home (have my own domain), and use Cisco's VPN Client (version 4) to... -
Paul Glavich [MVP ASP.NET] #2 Re: ASP.Net Impersonation
You also need to remember that IIS authentication is performed BEFORE
ASP.Net gets a chance to do anything with it. IIS determines which identity
or user context is passed to ASP.Net for which it can then do impersonation
if required.
It basically comes down to what user context you want your code to run in,
either the ASPNET/NEtwork Service user, the IUSR_..... user, or the
authenticated user from a domain
--
- Paul Glavich
ASP.NET MVP
ASPInsider ([url]www.aspinsiders.com[/url])
"Mark Miller" <mark_no_s_p_am_@maxpreps.com> wrote in message
news:eb0MJ5p7EHA.2316@TK2MSFTNGP15.phx.gbl...what> I am trying to understand Impersonation in the ASP.Net context. Here'smessage.> I DO understand:
> -Using Windows Authentication with impersonation="true" means that the
> aspnet_wp will try and access the resource with the authenticated user's
> credentials (token). If access is denied I get an IIS access deniedfile> -I can set NTFS permissions on a file/folder and control access w/o using
> code simply by assigning rights by user or group.
> -setting impersonation="false" still authorizes the user using NTFS
> permissions, but instead it is the aspnet_wp account that accesses the> and checks the permissions. Then if access is denied ASP.Net throws an
> exception.
> Here's what I DON'T understand:
> -What's the difference then between Windows Authentication with
> impersonation turned on, and windows impersonation turned off? Other than
> where the authorization takes place (ie. aspnet_wp or NTFS).
> -When would I want to use one over the other?
>
> Thanks in advance,
> Mark Miller
>
>
Paul Glavich [MVP ASP.NET] Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
