dotnet security: Web App Impersonation -- dotnet security

Web App Impersonation

David
7/11/2006 4:25:59 PM

dotnet security:

Ok, so it's not as simple or straightforward as it sounds, but here's
what I'm trying to do:

I have a web app where the user context is, by default, determined by
the user logged on to the machine at the time. (simple) However, we
would like to add the ability for another user to log into the web app,
such that the web app now thinks that it's the new person. Basically,
the User.Identity.Name first reads as 'mydomain\myuser' and after the
login, it reads as 'mydomain\newuser.' This is important, as much of
the user's experience weighs on the built-in functionality/stored
values of the .NET 2.0 Profile object.

I've tried several things and the closest I can get is using the method
outlined here:
http://msdn2.microsoft.com/en-us/library/system.security.principal.windowsimpersonationcontext.aspx
This method will change the context of the .NET process running on the
server. I'm convinced that I can use the 'LogonUser()' function to
determine if the credentials are correct, but I need the web context to
be changed, not the Windows context.

I've been puzzling over this task for a while, and maybe a fresh set of
eyes could help.

Thanks.

Re: Web App Impersonation

Joe Kaplan (MVP - ADSI)
7/11/2006 8:23:41 PM

Couldn't you just change the IE settings temporarily so that IWA auth always
prompts for credentials? That is by far the easiest solution I can think
of.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
[quoted text, click to view]