Application Security Context

[Jerry Camel]

This is probably a newbie type of question, but how / where can you specify
the security context in which server side code runs? I need to do some
active directory lookups and such that the current user might not have
access to. Is there a way to do this like there is for a windows service?
Thanks.

Jerry

 

[Tommy]

1. You can specify the request to run under a specific user using the Web.Config

<identity impersonate="true"
userName="domain1\user1"
password="password1"/>

2. You can dynamically impersonate into a different user at run-time, access the
active directory, and revert back to the original user.
Use the "Impersonate()" method in the
"System.Security.Principal.WindowsIdentity" class.

3. You can create a component that access the active directory. Run this
component in COM+ under a specify user. You can then have the ASP.NET page
call this component.

Tommy,

 

[Jerry Camel]

Great. Thanks. Exactly what I needed.

1. You can specify the request to run under a specific user using the Web.Config

<identity impersonate="true"
userName="domain1\user1"
password="password1"/>

2. You can dynamically impersonate into a different user at run-time, access the
active directory, and revert back to the original user.
Use the "Impersonate()" method in the
"System.Security.Principal.WindowsIdentity" class.

3. You can create a component that access the active directory. Run this
component in COM+ under a specify user. You can then have the ASP.NET page
call this component.

Tommy,

"Jerry Camel" <[email protected]> wrote in message