
Web App Impersonation

Author
11 Jul 2006 11:25 PM
David
Ok, so it's not as simple or straightforward as it sounds, but here's
what I'm trying to do:

I have a web app where the user context is, by default, determined by
the user logged on to the machine at the time. (simple)  However, we
would like to add the ability for another user to log into the web app,
such that the web app now thinks that it's the new person. Basically,
the User.Identity.Name first reads as 'mydomain\myuser' and after the
login, it reads as 'mydomain\newuser.'  This is important, as much of
the user's experience weighs on the built-in functionality/stored
values of the .NET 2.0 Profile object.

I've tried several things and the closest I can get is using the method
outlined here:
http://msdn2.microsoft.com/en-us/library/system.security.principal.windowsimpersonationcontext.aspx
This method will change the context of the .NET process running on the
server.  I'm convinced that I can use the 'LogonUser()' function to
determine if the credentials are correct, but I need the web context to
be changed, not the Windows context.

I've been puzzling over this task for a while, and maybe a fresh set of
eyes could help.

Thanks.

Author
12 Jul 2006 1:23 AM
Joe Kaplan (MVP - ADSI)
Couldn't you just change the IE settings temporarily so that IWA auth always
prompts for credentials?  That is by far the easiest solution I can think
of.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"David" <ddhat***@gmail.com> wrote in message
news:1152660359.448781.173380@p79g2000cwp.googlegroups.com...
> Ok, so it's not as simple or straightforward as it sounds, but here's
> what I'm trying to do:
>
> I have a web app where the user context is, by default, determined by
> the user logged on to the machine at the time. (simple)  However, we
> would like to add the ability for another user to log into the web app,
> such that the web app now thinks that it's the new person. Basically,
> the User.Identity.Name first reads as 'mydomain\myuser' and after the
> login, it reads as 'mydomain\newuser.'  This is important, as much of
> the user's experience weighs on the built-in functionality/stored
> values of the .NET 2.0 Profile object.
>
> I've tried several things and the closest I can get is using the method
> outlined here:
> http://msdn2.microsoft.com/en-us/library/system.security.principal.windowsimpersonationcontext.aspx
> This method will change the context of the .NET process running on the
> server.  I'm convinced that I can use the 'LogonUser()' function to
> determine if the credentials are correct, but I need the web context to
> be changed, not the Windows context.
>
> I've been puzzling over this task for a while, and maybe a fresh set of
> eyes could help.
>
> Thanks.
>