Access Denied using Impersonation

R

Ryan

I am developing an intranet application that uses windows
authentication and impersonation. The problem I'm having
is that it seems when the session ends the access token
is lost (just a guess) and when the user tries to load
the page again an Access Denied error is generated. Has
anyone experienced this before and know of a workaround.

Any help is greatly appreciated. Thank You!

Ryan
 
H

Holly Mazerolle

If this is a situation where the user is logged on to a domain and you are
using Windows Integrated Authentication in IIS the session should not
matter. Even if the session ends, on the next request, the same credentials
should be passed to the server and used. If you think it is the session, a
good test would be to lower the timeout to maybe 5 mins and try the same
steps with that.

You can find the timeout setting in the web.config file. Another thing you
could do if you are not sure what user is really trying to access the file
at the time the error occurs would be to run filemon from
www.sysinternals.com. You can look for Access Denieds and it will also list
the account that is doing the access.

This posting is provided "AS IS" with no warranties, and confers no rights.
Hope this helps.
Holly
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top