identity impersonation

Posted on 2005-04-25
Medium Priority
Last Modified: 2012-08-14

I'm curious as to when it is appropriate to use <identity impersonate="true" /> in a web application?  Seems like a security nightmare.  Isn't it easier to just add appropriate permissions to the ASPNET account?  Any links / references / info would be appreciated.

Thanks - Trevor
Question by:trevorhartman
LVL 15

Assisted Solution

praneetha earned 400 total points
ID: 13861667
well u can add it i gues sin cases...when u dont want to give access to aspnet account...and want some special account to handle it..which not necessarily is an administrator...

and may be when u have subdirectories and u have diff web.config in each subdirectory ...

may be i am nto sure...but that's a good question
LVL 33

Accepted Solution

raterus earned 800 total points
ID: 13861927
It's really good when you have an app where different users need different permissions.  For example, one of my applications has "personal folders", and only the person connected can access them, whether by the web application or through the normal file system.  Same concept applies if you are connected to sql server, and certain users have certain permissions to database objects.

Assisted Solution

by:Fred Goodwin
Fred Goodwin earned 800 total points
ID: 13861934
This causes the credentials to be passed from the end user.  So for instance if you wanted to give access to a web service only to specific users you would turn on identity impersonate in the web config and windows authentication in IIS.  Then you would give access to specific users or to a group that the users belong to the web service.  Its a great way to do security on a LAN.  Its pretty much useless on the open web.  We develop all of our intranet stuff this way.  

The web config will inherit down from the root so you wont need other web configs to make it work.

Hope that helps

Author Comment

ID: 13861940
cool, thanks for the insight

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A quick way to get a menu to work on our website, is using the Menu control and assign it to a web.sitemap using SiteMapDataSource. Example of web.sitemap file: (CODE) Sample code to add to the page menu: (CODE) Running the application, we wi…
International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question