App pool identity versus impersonation identity?

Question

I found only one thread relating to this but it did not answer the question.

I'm curious to a link or explanation of the difference between setting an impersonation user via in the web.config versus setting the application pool identity in IIS. They seem to be independent and am confused on the detailed differences. Thanks.

score 19 · Accepted Answer · answered Feb 18 '11 at 20:55

19

Using impersonation in the web.config allows you to override whatever identity was configured for the Application Pool the app is running under - it's just a more fine grained method to control identity ( on the app level vs. the ApplicationPool level), so you could have two apps run on the same AppPool, but one of them uses impersonation to use another identity.

answered Feb 18 '11 at 20:55

BrokenGlass

158,293
28
286
335

That's what I thought. Thank you. – Ryan Peters Feb 18 '11 at 20:57
4

Note that the web.config way is ASP.NET specific. If you use other web framework on IIS, then setting application pool identity is the sole option. – Lex Li Feb 19 '11 at 04:02

App pool identity versus impersonation identity?

1 Answers1

Linked