开发者

asp.net impersonation setup

My web app is set to use Windows Authentication and Impersonation is set to true.

<authentication mode="Windows"/>
    <identity impersonate="true"/>

When I run it on my local machine (IIS6), I access Active directory with my current login.

WindowsIdentity curIdentity = WindowsIdentity.GetCurrent();
WindowsPrincipal myPrincipal = new WindowsPrincipal(curIdentity);

However when I access my site remotely Impersonation does not seem to b开发者_JS百科e working; I display the groups that the user belongs to - and get a very short list!

What else do I need?


Impersonation does not pass credentials more than 1 hop between machines. So your creds go from your machine to IIS but no further, accessing active directory is a 2nd hop. When everything runs on the same machine (as in your local case), it will work fine.

http://msdn.microsoft.com/en-us/library/aa292118(VS.71).aspx


I'm pretty sure you need to be specifying a user:

<identity impersonate="true" userName="contoso\Jane" password="pass"/>

Otherwise it will use the ASP.Net user, which will have limited privileges.

See here for more information (including how to store the username/password encrypted).

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜