Question - How do I impersonate a specific (fixed) identity

J.D. Meier, Alex Mackman, Blaine Wastell, Prashant Bansode, Andy Wigley, Kishore Gopalan

Applies to

ASP.NET 2.0

Answer:

If you need to impersonate a specific (fixed) identity, set the impersonate attribute to true and supply the identity credentials using username and password attributes of the <identity> element. Impersonate specific or fixed identity to access all the local resources from ASP.NET application using original user’s security context. Important: Ideally you should not use fixed identity impersonation, instead create a application pool running under that identity and assign your application to the application pool. As impersonation carries lot of overhead and should be used only when required. For impersonating a fixed windows identity, configure the web.config as follows.

<authentication mode="Windows" />
<identity impersonate="true" username="UserName" password="P@ssw0rd" />

Additional Resources

For more information on using impersonation, see "How To: Use Impersonation and Delegation in ASP.NET 2.0" at http://msdn.microsoft.com/library/en-us/dnpag2/html/PAGHT000023.asp

Attributes

Author: J.D. Meier, Alex Mackman, Blaine Wastell, Prashant Bansode, Andy Wigley, Kishore Gopalan

Category: Impersonation and Delegation

filePath: ..\Libraries\patterns & practices Library\faq\15555a2f-bab3-4884-bdd4-7a06a85264bd.xml

Pri: 2

Rule Type: Implementation

Source: patterns & practices Library

Status: Release

Technology: ASP.NET 2.0

Title: Question - How do I impersonate a specific (fixed) identity

Topic: Security

Type: Question and Answer

ID: 15555a2f-bab3-4884-bdd4-7a06a85264bd