Here's the same old impersonation question that I've seen hashed over in this newsgroup a million times but here is a new twist.
I have a asp.net webapp. I need to use custom authentication (just
because). The app runs under anonymous access. There is a logon form. I've
been able to use the old "advapi32.dll" logon thing successfully. I can
impersonate the user that trying to log on. Of course since webs are
stateless, once I impersonate the user and make a request on their behalf,
IIS forgets who I am and makes the request under the annonymous account. :(
I thought of maybe calling the logon routine as a custom http request
handler but not sure if this is the right thing to do. Any thoughts out
there?
.
Impersonate progromatically persist through session or just page? ... session/process (i.e. from request to request) or does it only apply ...Impersonate a Specific user whereever required within the code ...public static extern int RevertToSelf();... (microsoft.public.dotnet.framework.aspnet.security)
Re: Impersonate and shared hosting ... In case you want to impersonate per request .. ... >>> They can pick any file afterwards from the folder.... >>> Ion Cartiant... (microsoft.public.dotnet.framework.aspnet.security)
Re: LogonUser issues ... > of the local machine, it tries to impersonate me, not the credentials I ... > string lpszPassword, int dwLogonType, int dwLogonProvider, out IntPtr ... The clone will be used to access local resources while the secondary token ...LOGON32_PROVIDER_WINNT50 a logon provider to make sure negotiate is used ... (microsoft.public.dotnet.languages.csharp)
Re: Migrating from LogonUser to SSPI ... Pass them to the client over TCP/IP for impersonation/process ... "The end result of using the SSPI services to validate the credentials ...LOGON32_LOGON_NETWORK logon type. ...Impersonate allows you to pretend to be the user when accessing any ... (microsoft.public.platformsdk.security)
