If I impersonate a user in the web.config but the application runs under an application pool which uses another identity, which identity would be used when you access resources (say files) on the server?
Another question, can you run a page under a separate identity from rest of the application?
When you access resources on the server the user will be the one specified on the impersonation configuration NOT the one on the application pool
Impersonation enabled for a specific identity. In this instance, ASP.NET impersonates the token generated using an identity specified in the Web.config file.
<identity impersonate="true"
userName="domain\user"
password="password" />
Impersonation enabled. In this instance, ASP.NET impersonates the token passed to it by IIS, which is either an authenticated user or the anonymous Internet user account.
<identity impersonate="true" />
Source: MSDN
In case you're interested, here you have an article with a Identity matrix for different impersonate scenarios.
And yes, you can impersonate programatically as Alex Dn said
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With