P
Peter Johansen
Hi,
I have a server that I use for shared hosting. For security reasons, I set
<identity impersonate="true" /> in my machine.config file, and set
allowOverRide="false" to prevent individual webs from impersonating anything
other than the IIS anonymous account.
The problem now is that I would actually like to impersonate a non-anonymous
user for one specific web application. This web application will allow users
to change their passwords so it can not be run under an anonymous identity.
I know I can change the the IIS anonymous user to an admin user, but I don't
really want to do that either.
Basically, all I need to do then is to find a way to prevent impersonation
for all web applications EXCEPT for this one web application.
Is this possible through machine.config or some other way?
Thanks - Peter
I have a server that I use for shared hosting. For security reasons, I set
<identity impersonate="true" /> in my machine.config file, and set
allowOverRide="false" to prevent individual webs from impersonating anything
other than the IIS anonymous account.
The problem now is that I would actually like to impersonate a non-anonymous
user for one specific web application. This web application will allow users
to change their passwords so it can not be run under an anonymous identity.
I know I can change the the IIS anonymous user to an admin user, but I don't
really want to do that either.
Basically, all I need to do then is to find a way to prevent impersonation
for all web applications EXCEPT for this one web application.
Is this possible through machine.config or some other way?
Thanks - Peter