B
Brad
I have an asp.net app with one sub folder that requires windows
authentication. The IIS folder is set to require intergrated security and
the sub folder has its own web.config
with the following setting.
<identity impersonate="true" />
<authorization>
<allow users ="*" />
</authorization>
This works fine and WindowsIdentity.GetCurrent.Name yields the true users
identity.
But...if I remove the web.config from the sub folder and place the above
settings in a "location" element in the apps web.config (se below) then
impersonation seems to fail and the "WindowsIdentity.GetCurrent.Name
always equals "NT AUTHORITY\NETWORK SERVICE".
<location path="subfoldername/page.aspx">
<system.web>
<identity impersonate="true" />
<authorization>
<allow users ="*" /><!-- This allows access to all users -->
</authorization>
</system.web>
</location>
My question is: Why does setting the impersonate in the location element in
the apps web.config behave differently than setting it in the separate
web.config?
Brad
authentication. The IIS folder is set to require intergrated security and
the sub folder has its own web.config
with the following setting.
<identity impersonate="true" />
<authorization>
<allow users ="*" />
</authorization>
This works fine and WindowsIdentity.GetCurrent.Name yields the true users
identity.
But...if I remove the web.config from the sub folder and place the above
settings in a "location" element in the apps web.config (se below) then
impersonation seems to fail and the "WindowsIdentity.GetCurrent.Name
always equals "NT AUTHORITY\NETWORK SERVICE".
<location path="subfoldername/page.aspx">
<system.web>
<identity impersonate="true" />
<authorization>
<allow users ="*" /><!-- This allows access to all users -->
</authorization>
</system.web>
</location>
My question is: Why does setting the impersonate in the location element in
the apps web.config behave differently than setting it in the separate
web.config?
Brad