Security in .NET Impersonation

Impersonation in .Net allows you to run an application in a particular user account which is determined by you. Usually the account in which the application runs is ASPNET or NETWORK SERVICE depending on the version of IIS you are running in your machine.

With IIS 5.0 the ASPNET account is used and it is not possible to override this account in the web.config file. In the IIS 6.0 you can configure this in the web.config file so that you can run the application on a different user account.

In the web.config file you can include the line,
<identity impersonate = “true” /> to enable impersonation. You can also impersonate for a particular user with the syntax, <identity impersonate = “true” username = “user_name” password = “user_pwd” />

So with the configuration in the web.config file you can run the application under a different user account. Although you might have different authentication models the underlying account in which the application runs is not changed. The security context is not changed although authentication is a tool. With classic ASP, this is not possible.

Yreka man convicted of perjury, fraud
After the case was in court for over four years, a jury found Donald Lee Daman guilty of perjury and welfare fraud Thursday.

Omar Abdullah sacks Roads and Buildings Minister Saroori in J-K
Jammu and Kashmir chief minister Omar Abdullah on Thursday sacked Minister for Roads and Buildings G.M. Saroori following his alleged involvement in an impersonation case in a private medical college in Jammu.

The Coalition is scared of scrutiny
Tony Abbott's disastrous press conference in Canberra last night - following the three amigo independents' request for Coalition Treasury costings - is putting his chances of securing the Prime Ministership in danger.

Visit .NET Programming Tutorial Homepage

______________________________________________________

Recommended Resource

Amazon.com Widgets