Impersonation is the process of executing code in the context of another user identity. By default, all ASP.NET code is executed using a fixed machine-specific account. To execute code using another identity we can use the built-in impersonation capabilities of ASP.NET. We can use a predefined user account or user's identity, if the user has already been authenticated using a windows account.
We can use the impersonation in this two scenarios:
1.) To give each web application different permissions.
2.) To use existing Windows user permission.
These two scenario are fundamentally different. In the first one, impersonation defines a single, specific account. In this case, no matter what user access the application, and no matter what type of user-level security you use, the code will run under the account you've set.
In the second one, the user must be authenticated by IIS. The web-page code will then execute under the identity of the appropriate user.
Implement Impersonation:
Impersonate the Microsoft IIS Authenticated Account or User : To impersonate the IIS authenticating user on every request for every page in an ASP.NET application, we must include an
Impersonate a Specific User:To impersonate a specific user for all the requests on all pages of an ASP.NET application, you can specify the userName and password attributes in the
No comments:
Post a Comment