Application Security Context

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Jerry Camel
    #1

    Application Security Context

    This is probably a newbie type of question, but how / where can you specify
    the security context in which server side code runs? I need to do some
    active directory lookups and such that the current user might not have
    access to. Is there a way to do this like there is for a windows service?
    Thanks.

    Jerry


    Tags: None
    • Tommy
      #2
      Re: Application Security Context

      1. You can specify the request to run under a specific user using the Web.Config

      <identity impersonate="tr ue"
      userName="domai n1\user1"
      password="passw ord1"/>

      2. You can dynamically impersonate into a different user at run-time, access the
      active directory, and revert back to the original user.
      Use the "Impersonat e()" method in the
      "System.Securit y.Principal.Win dowsIdentity" class.

      3. You can create a component that access the active directory. Run this
      component in COM+ under a specify user. You can then have the ASP.NET page
      call this component.

      Tommy,

      "Jerry Camel" <rlrcstr@msn.co m> wrote in message news:<e3SBynm6D HA.2560@TK2MSFT NGP09.phx.gbl>. ..[color=blue]
      > This is probably a newbie type of question, but how / where can you specify
      > the security context in which server side code runs? I need to do some
      > active directory lookups and such that the current user might not have
      > access to. Is there a way to do this like there is for a windows service?
      > Thanks.
      >
      > Jerry[/color]

        Comment

        • Jerry Camel
          #3
          Re: Application Security Context

          Great. Thanks. Exactly what I needed.

          "Tommy" <Websoftwares@H otmail.com> wrote in message
          news:a85edaaf.0 402031008.57de5 932@posting.goo gle.com...[color=blue]
          > 1. You can specify the request to run under a specific user using the[/color]
          Web.Config[color=blue]
          >
          > <identity impersonate="tr ue"
          > userName="domai n1\user1"
          > password="passw ord1"/>
          >
          > 2. You can dynamically impersonate into a different user at run-time,[/color]
          access the[color=blue]
          > active directory, and revert back to the original user.
          > Use the "Impersonat e()" method in the
          > "System.Securit y.Principal.Win dowsIdentity" class.
          >
          > 3. You can create a component that access the active directory. Run this
          > component in COM+ under a specify user. You can then have the ASP.NET[/color]
          page[color=blue]
          > call this component.
          >
          > Tommy,
          >
          > "Jerry Camel" <rlrcstr@msn.co m> wrote in message[/color]
          news:<e3SBynm6D HA.2560@TK2MSFT NGP09.phx.gbl>. ..[color=blue][color=green]
          > > This is probably a newbie type of question, but how / where can you[/color][/color]
          specify[color=blue][color=green]
          > > the security context in which server side code runs? I need to do some
          > > active directory lookups and such that the current user might not have
          > > access to. Is there a way to do this like there is for a windows[/color][/color]
          service?[color=blue][color=green]
          > > Thanks.
          > >
          > > Jerry[/color][/color]


            Comment

            Previous template Next
            Working...