Difference in DefaultCredentials bewtween IIS6 and IIS7 in IP mode in PostAuthenticate when Imperson

  • Thread starter Thread starter ADNT
  • Start date Start date
A

ADNT

Hello,

Using Windows authentication with Impersonate=true in my web.config I
discovered that within Global.aspx Application_PostAuthenticateRequest
method I get different values in
System.Net.CredentialCache.DefaultCredentials.

It seems that with IIS6 I correctly get the windows logged user, but in
IIS7, integrated pipeline gives me the NT Autority\Network Service account,
why ?

Where/When/How could I get now a credential with the windows loggued user ?

Thanks for help.

CS
 
Hello,

Using Windows authentication with Impersonate=true in my web.config I
discovered that within Global.aspx  Application_PostAuthenticateRequest
method I get different values in
System.Net.CredentialCache.DefaultCredentials.

It seems that with IIS6 I correctly get the windows logged user, but in
IIS7, integrated pipeline gives me the NT Autority\Network Service account,
why ?

Where/When/How  could I get now a credential with the windows loggued user ?

Thanks for help.

CS

It occurs because ASP.NET Integrated mode is unable to impersonate the
request identity in the BeginRequest and AuthenticateRequest pipeline
stages.
http://learn.iis.net/page.aspx/381/aspnet-20-breaking-changes-on-iis-70/
 
Thanks for answer Alexey,


But My code is in the PostAuthenticate where it should be able to
impersonate ???

I am on 2008R2 with IIS 7.5 but I see no change concerning this point with
IIS 7.0

CS



"Alexey Smirnov" <[email protected]> a écrit dans le message de
Hello,

Using Windows authentication with Impersonate=true in my web.config I
discovered that within Global.aspx Application_PostAuthenticateRequest
method I get different values in
System.Net.CredentialCache.DefaultCredentials.

It seems that with IIS6 I correctly get the windows logged user, but in
IIS7, integrated pipeline gives me the NT Autority\Network Service
account,
why ?

Where/When/How could I get now a credential with the windows loggued user
?

Thanks for help.

CS

It occurs because ASP.NET Integrated mode is unable to impersonate the
request identity in the BeginRequest and AuthenticateRequest pipeline
stages.
http://learn.iis.net/page.aspx/381/aspnet-20-breaking-changes-on-iis-70/
 
Back
Top