Re: Help using impersonation - permission problems.
- From: bruce barker <nospam@xxxxxxxxxx>
- Date: Fri, 19 Oct 2007 08:50:31 -0700
if you use identity impersonate with nt authentication, permissions are only good on the iis server. they cannot be used to access another server. this is a limitation of nt security (1 hop rule). you can switch to kerberos and enable credentials forwarding.
if you are just trying to give the web site permission, then use app pools to set the identity, not the web config. asp.net also support encrypting string in the web config.
-- bruce (sqlwork.com)
teejayem@xxxxxxxxx wrote:
Hi..
I have an ASP.NET website. My IIS is set to use Windows NT
Authentication.
I have configured my ASP website to use impersonation using the
following tag:-
<identity impersonate="true" />
Now I understand that the code that runs on the server should now run
as the NT user that has authenticated against my IIS. This doesn't
seem to be the case as I have tested this with users who are members
of the Domain Admins group and the website displays errors which is
being caused by permissions.
When I explicitly define the user name and password of an
administrative account it works fine.
<identity impersonate="true" userName="WALKER_MORRIS\user"
password="" ></identity>
Any ideas? As I would rather not have a domain admin account user
details written in plain text.
- Follow-Ups:
- Re: Help using impersonation - permission problems.
- From: teejayem@xxxxxxxxx
- Re: Help using impersonation - permission problems.
- References:
- Help using impersonation - permission problems.
- From: teejayem@xxxxxxxxx
- Help using impersonation - permission problems.
- Prev by Date: Re: JavaScript vs VbScript
- Next by Date: RE: datalist and AJAX update panel
- Previous by thread: Help using impersonation - permission problems.
- Next by thread: Re: Help using impersonation - permission problems.
- Index(es):
Relevant Pages
|
