Impersonate and security issues
-
Can someone please explain to me in which situation we need to use impersonate=true. I had read some stuff online about this but i am not very clear about it. It would be very helpful if you could tell me about some practical situations in which you have used impersonate. My understanding is as follows: By default everything runs under the aspnet account. If we choose impersonate=true then it runs under the IUSR_MachineName account and then we can access whatever IUSR_MachineName can access.(I don't know in which situation this would be neccessary) Also if we choose impersonate=true and provide username/password then we can access whatever the particular user can access.I don't know in which situation this would be neccessary)
-
Can someone please explain to me in which situation we need to use impersonate=true. I had read some stuff online about this but i am not very clear about it. It would be very helpful if you could tell me about some practical situations in which you have used impersonate. My understanding is as follows: By default everything runs under the aspnet account. If we choose impersonate=true then it runs under the IUSR_MachineName account and then we can access whatever IUSR_MachineName can access.(I don't know in which situation this would be neccessary) Also if we choose impersonate=true and provide username/password then we can access whatever the particular user can access.I don't know in which situation this would be neccessary)
If you still have some doubts about the impersonation, then the Security guy might give you a hand. http://www.pluralsight.com/wiki/default.aspx/Keith.GuideBook/WhatIsImpersonation.html[^] One of the examples is to use the Word application at the server side which is quite often asked recently in the forum. Basically, the ASP.NET process identity does not have the permission to active the Word application, so you may want to run your ASP.NET application under a window account who has the permission to start the Word application.