Impersonating user

[kedar]

Hi,

I have a asp.net application, which control virtual directory, we want any
user to access and we do not want to use windows authentication(we do not
want windows authentication dialog) or forms authentication(as we do not
want any login page). However we want to impersonate the user.

Could anyone tell how to achieve this.

thanks,
Kedar.

 

[Patrice]

Not sure what is the exact problem. See :
http://support.microsoft.com/kb/306158.

You could use Integrated Windows Authentication (that is the same identity
than the one used to open the Windows session ??)...

 

[Mike]

You can do this in your web config file

<system.web>
<identity impersonate="true" userName="username" password="password" />
</system.web>


Mike

 

[bruce barker]

if you want to impersonate the user you need to pick some
authentication. browsers are getting more reluctant to send credentials
without informing the user.

also if your code impersonates the user than accesses a share, you will
need a primary security token. this come only kerberos or basic
authentication (which always display a dialog box).


-- bruce (sqlwork.com)

 

[Cowboy \(Gregory A. Beamer\)]

You mean you want it to impersonate whoever logs in, but never give a login?

If so, use windows authentication and you are fine. As long as you are on a
domain, that is. If you mean you want an external user (someone coming in
from a public location) to get in without logging on, it is not going to
happen without either a) including the external machine in your domain (a
lot of work) or b) the user VPNing in with a domain account.

The windows auth dialog only pops up when the user cannot be determined.

Now, you can impersonate a single user rather easily. Just set up the user
in the web.config file. If you want to impersonate the user "logging in",
you have to use windows auth. There is a risk, if the network is not set up
correctly, of having the dialog pop up.