Authentication and Authorization in ASP.NET
page 3 of 6
by Joydip Kanjilal
Feedback
Average Rating: 
Views (Total / Last 10 Days): 67655/ 99

Impersonation

According to MSDN, "When using impersonation, ASP.NET applications can optionally execute with the identity of the client on whose behalf they are operating. The usual reason for doing this is to avoid dealing with authentication and authorization issues in the ASP.NET application code. Instead, you rely on Microsoft Internet Information Services (IIS) to authenticate the user and either pass an authenticated token to the ASP.NET application or, if unable to authenticate the user, pass an unauthenticated token. In either case, the ASP.NET application impersonates whichever token is received if impersonation is enabled. The ASP.NET application, now impersonating the client, then relies on the settings in the NTFS directories and files to allow it to gain access, or not. Be sure to format the server file space as NTFS, so that access permissions can be set”.

Impersonation is disabled by default and allows the ASP.NET process to act as the authenticated user, or as an arbitrary specified user. Impersonation can be specified in the web.config file as shown below:

Listing VIII

<identity impersonate="true"/> or <identityimpersonate="false"/>

It is also possible to use a particular identity for all authenticated requests. This is possible by specifying the following in the application’s web.config file:

<identity impersonate="true" username="username"password="password"/>

View Entire Article

User Comments

Title: Clear idea about Authentication and Authorization   
Name: Nandhini.S
Date: 2006-11-17 4:43:50 AM
Comment:
This article gives me a clear idea about authentication and authorization. It will be very useful for the Beginners.
Thanks a lot
Title: Authentiaction and Authorization in ASP.NET   
Name: By Vishal Bhosale
Date: 2006-11-15 3:08:25 PM
Comment:
This is very good and easy description and explaination and this would be very useful to asp.net programmers
Title: Authentication and Authorization in ASP.NET   
Name: Sameer Kothari
Date: 2006-11-15 4:01:18 AM
Comment:
It realy good artical.its helpful to me to develoerd the this
Title: very simple explanation of Authenication   
Name: Vijay
Date: 2006-11-10 2:05:58 AM
Comment:
I appreciate the author for simple and clear explnation of authnication and authorization
Title: Authentication and Authorization in ASP.NET   
Name: R.Prakash
Date: 2006-11-08 1:26:19 AM
Comment:
Really very nice
Regards
R.Prakash
Title: Authentication and Authorization in ASP.NET   
Name: Mahindra
Date: 2006-09-28 2:51:19 AM
Comment:
Its a Very Useful article.....hope everyone who reads this cud get benefit from this......
Title: very good   
Name: bhawani shanker
Date: 2006-09-26 8:06:14 AM
Comment:
i think it's a better article for understanding Authentication and Authorization
Title: Good Job   
Name: Noman Shaukat
Date: 2006-09-24 11:01:31 AM
Comment:
Great Article ..... Good job man
Title: Very good and simple explanation of the topic   
Name: Vikram
Date: 2006-09-23 4:02:43 AM
Comment:
Yes this is very good an simple explanation of the security in asp.net
vikram
http://www.vikramlakhotia.com/HomePage.aspx
Title: Authentication and Authorization in ASP.NET   
Name: selvaraj
Date: 2006-07-17 8:30:23 AM
Comment:
i thing this is quit enough for beginner aslo.
Title: Authentication   
Name: Samy
Date: 2006-07-05 4:29:53 AM
Comment:
it's an excellent article...very good way of explaning
Title: Authentication and Authorization in ASP.NET   
Name: By Joydip Kanjilal
Date: 2006-06-23 8:18:25 AM
Comment:
I truly appreciate Mr. Kanjilal taking the time to explain these concepts in such a simplified manner. Security is still quite an important topic, and will continue to be in my opinion, so I think his words have tremendous value.
Thank you Mr. Kanjilal!
Sincerely,
Vilmarie Barbosa

Product Spotlight
Product Spotlight 





Community Advice: ASP | SQL | XML | Regular Expressions | Windows


©Copyright 1998-2021 ASPAlliance.com  |  Page Processed at 2021-03-02 8:55:51 AM  AspAlliance Recent Articles RSS Feed
About ASPAlliance | Newsgroups | Advertise | Authors | Email Lists | Feedback | Link To Us | Privacy | Search