1.Authentication and impersonation are two different concepts. Your request will first reach IIS, authentication involves how IIS check identity of the request and decides if request is eligible, if yes, IIS will delegate the request on to your application, here impersonation is responsible for which role the application is run under. I do not think there is any problem about the authentication process, the complexity comes from impersonation.
2. Default impersonation is turned off, so there is no impersonation, all applications are running using the IIS worker thread. For xp and earlier windows versions, the default user is ASPNET, newer versions the user is Network Service, these are default values, they also can be changed.
3. When impersonation is on, the worker thread will be run under authenticated users or a particular user “TestUser” in the following case:
1
| <identity impersonate="true" username="TestUser" password="P@ssw0rd" /> |
No comments:
Post a Comment