When using Windows authentication, the User property of the HttpContext will be set to whoever is browsing your web application. This allows a programmer to do certain things based on the user who is currently accessing the system. However, the current user will
not be used to determine access to file resources or connect to a database for example. (I believe the application pool identity is used by default). What if you want to use the current user for this other access?
You need to
impersonate the current user when accessing these resources. Simply put the following in your web.config file:
<system.web>
<identity impersonate="true" />
</system.web>
You can also specify a username and password to use. I'm not sure the value in this since you could always just use the app pool identity, but if you need to, do this....
<system.web>
<identity impersonate="true" userName="Steve" password="Supersecret" />
</system.web>
No comments:
Post a Comment