Name
<identity>
Synopsis
<identity impersonate=boolean userName=string password=string />
Specifies whether request impersonation is enabled, as well as the identity to be used for requests made from the ASP.NET worker process and the password for that identity.
Scope
Any
Attributes
-
impersonate
Specifies whether impersonation is enabled for the application. If
True
, requests made by the ASP.NET worker process will be made with the security context of the account specified by theuserName
attribute; if that attribute is blank, the context of the account of the logged on user. The default isFalse
.-
userName
Specifies the username of the Windows account to use for impersonation. If the value is left blank or is omitted, requests will be made in the context of the logged-in user.
-
password
Specifies the password for the account named in the
userName
attribute. This password is stored in clear text.
Child Elements
None
Example
The example turns on impersonation for the logged-in user authenticated by IIS:
<configuration> <system.web> <identity impersonate="true" userName="" /> </system.web> </configuration>
Notes
Because the password
attribute stores passwords in
readable text, you should carefully consider whether it makes sense
to use this functionality. Storing sensitive information such as
passwords in text files presents a potential security risk.
Get ASP.NET in a Nutshell now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.