Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

asp.net web.config impersonation vs application pool identity

If I impersonate a user in the web.config but the application runs under an application pool which uses another identity, which identity would be used when you access resources (say files) on the server?

Another question, can you run a page under a separate identity from rest of the application?

like image 692
developer747 Avatar asked Feb 03 '23 09:02

developer747


1 Answers

When you access resources on the server the user will be the one specified on the impersonation configuration NOT the one on the application pool

Impersonation enabled for a specific identity. In this instance, ASP.NET impersonates the token generated using an identity specified in the Web.config file.

<identity impersonate="true"
      userName="domain\user" 
      password="password" />

Impersonation enabled. In this instance, ASP.NET impersonates the token passed to it by IIS, which is either an authenticated user or the anonymous Internet user account.

 <identity impersonate="true" />

Source: MSDN

In case you're interested, here you have an article with a Identity matrix for different impersonate scenarios.

And yes, you can impersonate programatically as Alex Dn said

like image 161
Claudio Redi Avatar answered Feb 19 '23 08:02

Claudio Redi