I'm confused about which identity a website runs under. I thought Environment.Username was the main one used to do things like attempt file access, connect to a database etc. I can use Impersonation to change this. So everything should run under this
account but am I wrong? I have a site that works running from Visual Studio, or connecting through IE on the development server ONLY, it wont work from another computer even when signed in as the same domain account.
Does your impersonated account have access to all the the neccesary files, like the .net temporary files. If you are running IIS6 on a Windows 2003 you should also check the identity of the application pool the website is running under, by default it is
the NETWORK SERVICE.
When running the site using impersonation of my account through web.config <identity impersonate="true" username="domain\xyz" password="xyz"> my site works fine. However, when I use programmatic impersonation, as described in MSDN or
http://west-wind.com/weblog/posts/1572.aspx it wont work right
bkim
Member
24 Points
52 Posts
credentials and impersonation
Mar 15, 2007 03:39 PM|LINK
Dear everyone please clear this up for me.
I'm confused about which identity a website runs under. I thought Environment.Username was the main one used to do things like attempt file access, connect to a database etc. I can use Impersonation to change this. So everything should run under this account but am I wrong? I have a site that works running from Visual Studio, or connecting through IE on the development server ONLY, it wont work from another computer even when signed in as the same domain account.
I know that these 3 show up properly
WindowsIdentity.GetCurrent.Name
Environment.UserName
User.Identity.Name
The only difference is this
Auth_User
I'm not sure whats going on. please clarify the differences between these and any others I missed.
hordurj
Member
60 Points
15 Posts
Re: credentials and impersonation
Mar 15, 2007 09:19 PM|LINK
Does your impersonated account have access to all the the neccesary files, like the .net temporary files. If you are running IIS6 on a Windows 2003 you should also check the identity of the application pool the website is running under, by default it is the NETWORK SERVICE.
What error do you get?
bkim
Member
24 Points
52 Posts
Re: credentials and impersonation
Mar 16, 2007 05:40 PM|LINK
Here's some more info.
When running the site using impersonation of my account through web.config <identity impersonate="true" username="domain\xyz" password="xyz"> my site works fine. However, when I use programmatic impersonation, as described in MSDN or http://west-wind.com/weblog/posts/1572.aspx it wont work right
using Web.Config Impersonation
WindowsIdentity.GetCurrent.Name: domain\xyz
Environment.UserName: xyz
User.Identity.Name : domain\bkimuser
everything works.
Using programmtic impersonation and setting web.config <identity impersonate="true>
page starts with
WindowsIdentity.GetCurrent.Name: domain\bkimuser
Environment.UserName: bkimuser
User.Identity.Name : domain\bkimuser
impersonates to
WindowsIdentity.GetCurrent.Name: domain\xyz
Environment.UserName: xyz
User.Identity.Name : domain\bkimuser
fails database connection
reverts to
WindowsIdentity.GetCurrent.Name: domain\bkimuser
Environment.UserName: bkimuser
User.Identity.Name : domain\bkimuser
it looks like I impersonate properly but I still can't connect to the database properly unless I impersonate the user from the beginning???
Is there any difference between impersonating through web.config or using temporary impersonation on the page that requires it?
smokesoft
Member
2 Points
1 Post
Re: credentials and impersonation
Mar 17, 2008 08:20 PM|LINK
i have the same problem... does anyone have any answer????
thanks