Every process running on a Windows 2000/2003 server has a username associated with it. The username, in conjunction with ACLs (described earlier in Section 19-2 determines what resources the process will have access to.

By default, ASP.NET processes run with a userName of machine (note all lowercase). This causes the processes to run under a special low privilege user account named “ASPNET”, which is created when the ASP.NET is installed. It is also possible to change the value of userName to SYSTEM, which gives the processes full access to all resources, or to any valid username which is a member of a domain which has sufficient access rights to the web server. If there is a security breach, then a malicious user may be able to run processes with the same access to resources provided by the userName assigned to the ASP.NET processes.

To provide more flexibility, ASP.NET supports impersonation. Using impersonation, the ASP.NET process assumes, and executes with, the identity of the client making the request. For example, if user Dan requests a web page, and this web page requests access to a resource on the server, then when ASP.NET requests that resource, it will be as though Dan made the request, not machine. The permissions assigned to Dan in the ACLs will govern the request.

Impersonation is not enabled by default, since it consumes additional server resources. Impersonation is enabled with an <identity> section in a configuration file. The default <identity> section ...