Security in ASP.NET
page 4 of 4
by . .
Average Rating: This article has not yet been rated.
Views (Total / Last 10 Days): 21197/ 39



Impersonation lets ASP.NET restrict access to pages based on that user's identity. Normally ASP.NET takes the identity of the local machine which means that it has complete access to all files and folders. When impersonation is enabled, ASP.NET takes on the role that IIS assigns it. When ASP.NET is impersonating a user, Windows can restrict access to the application. Lets say that you have an ASP.NET application that acts like a file browser for the system, by default the user can see and do anything because ASP.NET has access, with impersonation ASP.NET only has access to pages that they would normally have (if logged in at the workstation), so anonymous users have very limited access.

That should give you a better look at what it's doing.


This article showed you the new ways that ASP.NET allows you to authenticate your users. I didn't go through authorization because that's basically the same as checking for access to a particular resource and getting a yes or no answer. For other articles on ASP.NET and Security see the Related Articles section.


View Entire Article

User Comments

No comments posted yet.

Product Spotlight
Product Spotlight 

Community Advice: ASP | SQL | XML | Regular Expressions | Windows

©Copyright 1998-2024  |  Page Processed at 2024-06-18 5:47:28 PM  AspAlliance Recent Articles RSS Feed
About ASPAlliance | Newsgroups | Advertise | Authors | Email Lists | Feedback | Link To Us | Privacy | Search