<identity impersonate="true"/> means can, not is

[David Thielen]

Hi;

I just want to confirm this. When I set <identity impersonate="true"/> that
means I can impersonate on the server side. It does not mean that
impersonation is set up in advance for each call to the code-behind.

correct ??? - thanks - dave

 

[Dominick Baier [DevelopMentor]]

that means that the request is executed in the security context of the client
or IUSR.

 

[Steven Cheng[MSFT]]

Hello Dave,

As for the <identity impersonate="xxx" /> setting, when you set it to
"true", that means the ASP.NET runtime (of that application) will
automatically impersonate each worker thread to running under the security
context forwarded from IIS(the security context maybe a client
authenticated user or the IIS anonymous user). And this is done
automatically at the initializing time of the worker thread. So if you
do not want this to happen automatically, but want to do it yourself
programmatically, you should turn off this setting.

Hope this helps.

Regards,

Steven Cheng
Microsoft MSDN Online Support Lead


==================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

==================================================


This posting is provided "AS IS" with no warranties, and confers no rights.



Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)