0

ASP.NET Impersonation I have a site hosted on IIS that has anonymous authentication and forms authentication both enabled.

Initially I have impersonation Turned Off. So before logging in using forms authentication for,

System.Security.Principal.WindowsIdentity.GetCurrent().Name

I get a value of IIS APPPOOL\DefaultAppPool

when i enable impersonation I get a value NT AUTHORITY\IUSR

After logging in with forms authentication regardless of whether I have impersonation turned or or off.. I am always getting a value of IIS APPPOOL\DefaultAppPool

My question is.... if I have impersonation turned on and I log in using JSMITH's account, shouldn't I be getting a value of JSMITH

psj01
  • 3,075
  • 6
  • 32
  • 63
  • Isn't the whole point of impersonation to... well, *impersonate* (a different user account)? Why are you expecting it to assume the *original* login? – Robert Harvey Apr 18 '19 at 19:03
  • so if i have impersonation turned off.. then i should see JSMITH? – psj01 Apr 18 '19 at 19:05
  • 1
    If memory serves, Forms Authentication doesn't require a Windows account. It follows that IIS would log in with its own authority. See https://learn.microsoft.com/en-us/dotnet/api/system.web.security.formsauthentication?view=netframework-4.8, in the **Remarks** section. – Robert Harvey Apr 18 '19 at 19:10
  • https://stackoverflow.com/questions/1267071/how-to-get-windows-user-name-when-identity-impersonate-true-in-asp-net – ardila Apr 18 '19 at 22:11

1 Answers1

1

Impersonation doesn't run as the user you've logged in as, it just allows you to run your application under a specified user account.

<identity impersonate="true" userName="domain\username" password="P@$$word"/>

This will run as domain\username.

If you want to use the user account that's logged in you will want to look at something like Forms Authentication or Windows Authentication.

Kirk
  • 16,182
  • 20
  • 80
  • 112
  • apparently when I use forms authentication it doesn't matter whether i have impersonation on or off.. its always running under IIS APPPOOL\DefaultAppPool – psj01 Apr 18 '19 at 19:22