469,626 Members | 1,442 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,626 developers. It's quick & easy.

ASP.NET Impersonation

How can I temporaily impersonate another windows user within my asp.net
application to run a line of code? Do I need to know both the user name and
password?
Nov 18 '05 #1
1 1510
See Scott Galloway's code for temporary impersonation in an ASP.NET
app:
http://www.mostlylucid.co.uk/archive...12/05/662.aspx

The basic idea is to call into LogonUser and DuplicateToken.

However, you may run into problem with a scenario called the Single Hop
problem.
http://blogs.geekdojo.net/ryan/archi...12/10/427.aspx
http://blogs.geekdojo.net/justin/arc...12/10/430.aspx

To quote Justin Rudd from his post referenced above:
<quote>
This is what is commonly referred to in the NTLM world as the "one hop"
problem. For example, you are on machine A. You have a process that is
running as you and it calls a DCOM process on Machine B. Depending on
how the DCOM server is setup, it assumes your credentials (think
ASP.NET impersonation). Now if that DCOM server makes a call out to
another DCOM server, the credentials that go across the wire are the
credentials that the process is running as.

In IIS when you use Windows Authentication, you use your single hop as
soon as you connect to the web server. So if you have some code in
ASP.NET try to access a network resource, it will use the ASP.NET
worker process' credentials.
</quote>

You may need to have your ASP.NET application impersonate at the
application level (that's what I've had to fall back on):
http://msdn.microsoft.com/library/de...itySection.asp

This just involves a setting in web.config, as you probably know:
<identity impersonate="true|false" userName="domain\username"
password="password"/>

Other alternatives are serviced components and delegation:
http://msdn.microsoft.com/library/de...delegation.asp
- Jon
http://weblogs.asp.net/jgalloway

Nov 18 '05 #2

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

1 post views Thread by Ripa Horatiu | last post: by
3 posts views Thread by Wm. Scott Miller | last post: by
11 posts views Thread by Phil | last post: by
1 post views Thread by Patrick | last post: by
reply views Thread by velvet.graham | last post: by
5 posts views Thread by =?Utf-8?B?S2l0dHlIYXdr?= | last post: by
reply views Thread by gheharukoh7 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.