Impersonation with forms authentication ?

[Eric Veltman]

Hello everyone,

[ Unfortunately I don't have Windows on my machine
at home to try it and unfortunately, don't have an
office anymore ( me == jobless ) and I couldn't find
the information on Google as well, so I hope you can
help me with this question. ]

Till now, I've always used IIS integrated authentication
and impersonation, such that the ASP.NET code on the server
is executed with the permissions of the user who is sitting
behind the web browser.

Now I am wondering if it's also possible to use
forms authentication and still do impersonation,
so that the ASP.NET code on the server is executed with
the permissions of the user who typed his username and
password in the login form ??

Best regards,

Eric

 

[Bruce Johnson]

I don't think that you can do a blanket impersonation,
but if you look at the following KB article
(http://support.microsoft.com/default.aspx?scid=kb;EN-
US;306158), it provides an example of how to use the
LoginUser API function to generate a security token for a
particular user that can be used to impersonate that user
for a block of code.

Hope this helps.

Bruce Johnson
http://www.ObjectSharp.com/Bruce

 

[Eric Veltman]

I don't think that you can do a blanket impersonation,
but if you look at the following KB article
(http://support.microsoft.com/default.aspx?scid=kb;EN-
US;306158), it provides an example of how to use the
LoginUser API function to generate a security token for a
particular user that can be used to impersonate that user
for a block of code.

Hope this helps.

Bruce Johnson

Hello Bruce,

I almost forgot to say ... Thanks !

Best regards,

Eric