2

I have a an ASP.NET MVC application that will need to access file resources on another machine, so I have shared the relevant directory and given a fresh domain user access to it. My question is: How do I get my ASP.NET MVC app to take on this new user's identity? Do I have to set this up separately when debugging and when deployed?

Thanks!

directedition
  • 11,145
  • 18
  • 58
  • 79

3 Answers3

3
<identity impersonate="true"
          userName="domain\user" 
          password="password" />

in your web.config should work. The other option (not recommended) is running your application pool as a user with the proper credentials.

Jeff Turner
  • 1,318
  • 8
  • 12
  • why do you say it's not recommended to run the application pool as the user? I would say it would be better for security practices, since this user account's username/password would not be available for anybody who has access to the source code. – Anthony Shaw Feb 09 '12 at 18:57
  • I went ahead and added this to my web.config under system.web, but calls to WindowsIdentity.GetCurrent().Name are still coming up as my local user account, at least when running through the debugger. – directedition Feb 09 '12 at 19:05
  • 1
    I say not recommended because it means that if you ever have to move the application to another server there will be additional configuration. As far as the security aspect goes, i can agree that using the application pool obfuscates the credentials, though in most cases you would make a user specifically for what you need to do so if it's shared among developers it will make it easier for them to troubleshoot. Either way is perfectly legitimate but in most cases I prefer to use the web.config method. – Jeff Turner Feb 09 '12 at 19:22
  • 1
    if you're running through the cassini web server i'm not sure if it will impersonate properly – Jeff Turner Feb 09 '12 at 19:28
0

MVC Still uses ASP.NET authentication so you should just need to use:

<identity impersonate="true"/>

In the web.config.

Frazell Thomas
  • 6,031
  • 1
  • 20
  • 21
  • This won't do unless all users of the application has access to the directory. The OP has set up a service account. – PHeiberg Feb 09 '12 at 18:45
0

Are you running your MVC application within IIS? If so, set this user as the application pool identity. If not, you can use impersonation from within the web.config

http://msdn.microsoft.com/en-us/library/xh507fc5(v=vs.100).aspx

Anthony Shaw
  • 8,146
  • 4
  • 44
  • 62