It is an important security feature which have ability to control the identity under which code is executed. Impersonation is when ASP.NET executes code in the context of an authenticated and authorized client. By default, ASP.NET does not use impersonation and instead executes all code using the same user account as the ASP.NET process, which is typically the ASPNET account. This is contrary to the default behavior of ASP, which uses impersonation by default. In Internet Information Services (IIS) 6, the default identity is the NetworkService account.
Impersonation is disabled. This is the default setting. <identity impersonate="false">
Impersonation enabled. In this instance, ASP.NET impersonates the token passed to it by IIS, which is either an authenticated user or the anonymous Internet user account (IUSR_machinename). <identity impersonate="true">
Impersonation enabled for a specific identity. In this instance, ASP.NET impersonates the token generated using an identity specified in the Web.config file. <identity password="password" impersonate="true" username="domain\user">
Google Cloud Next 25: New AI capabilities to transform your business
-
This week at Google Cloud Next, we’re sharing how AI can help advance your
mission.
12 hours ago
1 comment:
Quite useful information. Thanks for sharing. You rock.
Post a Comment