WindowsIdentity.Impersonate and PostBack issue
I am writing an ASP website that uses Forms security and Active Directory.
I allow the user to log in using the Windows API:

    [DllImport("advapi32.dll", SetLastError = true)]
    public static extern bool LogonUser(string pszUsername, string pszDomain, string pszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);

This gives me a Login Token Pointer which I then save in a session variable:

    bool returnValue = LogonUser(txtUserName.Text, domainName, txtPassword.Text, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref TokenHandle);
    if (!returnValue)
    {
        lblErrorMessage.Text = "Incorrect Username or Password";
        lblErrorMessage.Visible = true;
        return;
    }
    Session["TokenHandle"] = TokenHandle;

Now when I get redirected back to my Default.aspx page I want to Impersonate the user that has logged in. This way I don't have to hard code a SQL connection string user name, I can just use integrated security. I do this on Page Load as follows:

    if (Session["TokenHandle"] != null)
    {
        IntPtr tokenHandle = new IntPtr(0);
        tokenHandle = (IntPtr)Session["TokenHandle"];
        WindowsIdentity.Impersonate(tokenHandle);
    }

Here is the problem:
It all works great the first time I hit Default.aspx; however, as soon as I do a postback it loses the impersonation and I get an error:
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
Now I know this code should work, I have used it in other projects. I am just missing something here.
Also I am using DevExpress.Web.ASPxGridView.v9.2 component, I am not sure if it has anything to do with it.
Please help.
The issue you are going to have is the fact that the Application Pool running your website isn't trusted for Delegation and therefore CANNOT Impersonate an AD user account. In AD you need to manually allow delegation to the Domain User running the Application Pool.
Then you'll be able to impersonate the user.
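
The following is an added example, not code from the question or the answer: a helper that keeps impersonation scoped to the single operation that needs the user's identity, reverts the thread afterwards, and closes the token at logout. The class and method names (ScopedImpersonation, Run, CurrentAccount, Release) are hypothetical; the token is assumed to be the handle the question stores in Session["TokenHandle"].

```csharp
using System;
using System.Runtime.InteropServices;
using System.Security.Principal;

// Hypothetical helper, not from the post: impersonate only around the call
// that needs the user's identity, then revert the thread.
public static class ScopedImpersonation
{
    [DllImport("kernel32.dll", SetLastError = true)]
    private static extern bool CloseHandle(IntPtr hObject);

    // token: the handle LogonUser returned (the post keeps it in Session["TokenHandle"]).
    // work:  the operation to run as that user, e.g. a query over an
    //        integrated-security connection.
    // Usage: var rows = ScopedImpersonation.Run((IntPtr)Session["TokenHandle"], () => LoadRows());
    //        (LoadRows is a placeholder for the page's own data access method.)
    public static T Run<T>(IntPtr token, Func<T> work)
    {
        if (token == IntPtr.Zero)
            throw new ArgumentException("No logon token available.", "token");
        if (work == null)
            throw new ArgumentNullException("work");

        // Impersonate() changes the identity of the current thread only.
        using (WindowsImpersonationContext ctx = WindowsIdentity.Impersonate(token))
        {
            return work();
        } // Dispose() calls Undo(), reverting the thread to its previous identity
    }

    // Name of the account the current thread is running as. Log it before,
    // inside and after Run() to confirm which identity is in effect.
    public static string CurrentAccount()
    {
        return WindowsIdentity.GetCurrent().Name;
    }

    // Call once at logout or Session_End: a token handle that is never
    // closed stays open in the worker process until the process exits.
    public static void Release(ref IntPtr token)
    {
        if (token != IntPtr.Zero)
        {
            CloseHandle(token);
            token = IntPtr.Zero;
        }
    }
}
```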