locked
Impersonation and windows authentication RRS feed

  • Question

  • User640374800 posted

    Looking for some advice/help on understanding how impersonation works / is implemented...

    Current scenario with my application is that it is set to windows authentication but users login with standard username/password against their account stored in database...

    Additionally there is an additional logon for a service account to a third party system again using standard login. (details for this account username/password is in config file)

    My question is can I utilise logon with windows authentication for both these accounts and then use the same impersonation details for each? 

    As regards impersonation, from what I have read its a case of adding the impersonate attribute in my web.config with the appropriate username/password of the impersonated user and then get a token via a logon user method that is then user to initiate impersonation.

    As regards permissions do I need to define these anywhere for this impersonation user? or are they inherited from the windows accounts being impersonated?

    Wednesday, September 12, 2018 8:17 AM

All replies

  • User1724605321 posted

    Hi mark1961,

    Current scenario with my application is that it is set to windows authentication but users login with standard username/password against their account stored in database...

    That seems you are using windows authentication and Forms authentication in one application , am i right ? If yes , do you write the ActiveDirectoryMembershipProvider Class to authenticate Windows user accounts through a form and tie your login to that ? If no , please explain more about your scenario . 

    Best Regards,

    Nan Yu

    Thursday, September 13, 2018 3:00 AM