Impersonating user

Discussion in 'ASP .Net' started by kedar, Sep 12, 2007.

  1. kedar

    kedar Guest

    Hi,

    I have a asp.net application, which control virtual directory, we want any
    user to access and we do not want to use windows authentication(we do not
    want windows authentication dialog) or forms authentication(as we do not
    want any login page). However we want to impersonate the user.

    Could anyone tell how to achieve this.

    thanks,
    Kedar.
    kedar, Sep 12, 2007
    #1
    1. Advertising

  2. kedar

    Patrice Guest

    Not sure what is the exact problem. See :
    http://support.microsoft.com/kb/306158.

    You could use Integrated Windows Authentication (that is the same identity
    than the one used to open the Windows session ??)...

    --
    Patrice

    "kedar" <> a écrit dans le message de news:
    ...
    >
    > Hi,
    >
    > I have a asp.net application, which control virtual directory, we want any
    > user to access and we do not want to use windows authentication(we do not
    > want windows authentication dialog) or forms authentication(as we do not
    > want any login page). However we want to impersonate the user.
    >
    > Could anyone tell how to achieve this.
    >
    > thanks,
    > Kedar.
    >
    Patrice, Sep 12, 2007
    #2
    1. Advertising

  3. kedar

    Mike Guest

    You can do this in your web config file

    <system.web>
    <identity impersonate="true" userName="username" password="password" />
    </system.web>


    Mike

    "kedar" <> wrote in message
    news:...
    >
    > Hi,
    >
    > I have a asp.net application, which control virtual directory, we want any
    > user to access and we do not want to use windows authentication(we do not
    > want windows authentication dialog) or forms authentication(as we do not
    > want any login page). However we want to impersonate the user.
    >
    > Could anyone tell how to achieve this.
    >
    > thanks,
    > Kedar.
    >
    Mike, Sep 12, 2007
    #3
  4. kedar

    bruce barker Guest

    if you want to impersonate the user you need to pick some
    authentication. browsers are getting more reluctant to send credentials
    without informing the user.

    also if your code impersonates the user than accesses a share, you will
    need a primary security token. this come only kerberos or basic
    authentication (which always display a dialog box).


    -- bruce (sqlwork.com)

    kedar wrote:
    > Hi,
    >
    > I have a asp.net application, which control virtual directory, we want any
    > user to access and we do not want to use windows authentication(we do not
    > want windows authentication dialog) or forms authentication(as we do not
    > want any login page). However we want to impersonate the user.
    >
    > Could anyone tell how to achieve this.
    >
    > thanks,
    > Kedar.
    >
    >
    bruce barker, Sep 12, 2007
    #4
  5. You mean you want it to impersonate whoever logs in, but never give a login?

    If so, use windows authentication and you are fine. As long as you are on a
    domain, that is. If you mean you want an external user (someone coming in
    from a public location) to get in without logging on, it is not going to
    happen without either a) including the external machine in your domain (a
    lot of work) or b) the user VPNing in with a domain account.

    The windows auth dialog only pops up when the user cannot be determined.

    Now, you can impersonate a single user rather easily. Just set up the user
    in the web.config file. If you want to impersonate the user "logging in",
    you have to use windows auth. There is a risk, if the network is not set up
    correctly, of having the dialog pop up.

    --
    Gregory A. Beamer
    MVP, MCP: +I, SE, SD, DBA

    *************************************************
    | Think outside the box!
    |
    *************************************************
    "kedar" <> wrote in message
    news:...
    >
    > Hi,
    >
    > I have a asp.net application, which control virtual directory, we want any
    > user to access and we do not want to use windows authentication(we do not
    > want windows authentication dialog) or forms authentication(as we do not
    > want any login page). However we want to impersonate the user.
    >
    > Could anyone tell how to achieve this.
    >
    > thanks,
    > Kedar.
    >
    Cowboy \(Gregory A. Beamer\), Sep 12, 2007
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?SW5kZXB0aA==?=
    Replies:
    1
    Views:
    463
    Bruce Barker
    Apr 1, 2005
  2. =?iso-8859-1?q?Eir=EDkur_Fannar_Torfason?=

    Occasional SecurityException when impersonating a user on a new thread

    =?iso-8859-1?q?Eir=EDkur_Fannar_Torfason?=, May 18, 2007, in forum: ASP .Net
    Replies:
    4
    Views:
    422
    =?Utf-8?B?RWlyw61rdXIgRmFubmFyIFRvcmZhc29u?=
    May 18, 2007
  3. Jamie

    impersonating windows authenticated user?

    Jamie, Feb 9, 2004, in forum: ASP .Net Security
    Replies:
    5
    Views:
    200
    Ken Schaefer
    Feb 11, 2004
  4. Replies:
    4
    Views:
    226
    Consultant
    Feb 15, 2007
  5. kedar

    Impersonating user

    kedar, Sep 12, 2007, in forum: ASP .Net Security
    Replies:
    4
    Views:
    111
    Dominick Baier
    Sep 14, 2007
Loading...

Share This Page