Impersonation allows the application to run as you (or any other user with different priveledges on the cmoputer), as if you were logged in to the computer running it itself.
When you have an application using forms authentication (FA) the IIS process is running under the credentials of a specific user setup in IIS. Example: If user called Bob logged on using FA and and IIS setup to run as Network Service. Bob accesses a page which makes a web service call to another computer, the other computer will see the IIS user and not Bob. You can use impersonation to allow Bob to access the web service as a real Windows user and not Network Service.
Impersonation is disabled. This is the default setting.
Impersonation enabled. In this instance, ASP.NET impersonates the token passed to it by IIS, which is either an authenticated user or the anonymous Internet user account (IUSR_machinename).
Impersonation enabled for a specific identity. In this instance, ASP.NET impersonates the token generated using an identity specified in the Web.config file.
<identity impersonate="true"
userName="domain\user"
password="password" />
No comments:
Post a Comment