microsoft supplies no secure way to do this. the best you can do is encrypt
the password and store where your like (note: all web sites on the server
will have access to it, if they know where). then your code will have to
impersonate the account before making any calls that require it. due asp.net
to thread agility (threads may switch during page processing), you can not
just do it once at the start of page processing.
-- bruce (sqlwork.com)
"Mark" <mf****@idonotlikespam.cce.umn.edu> wrote in message
news:u7**************@TK2MSFTNGP09.phx.gbl...
We're going to use impersonation in our web.config file to connect via
windows authentication to a SQL Server on the same domain. We'd like to
hash the password rather than store it in plain text in the web.config
file .... suggestions?
<identity impersonate="true" userName="mydomain\myuser"
password="mypass"/>
Thanks in advance!
Mark