How to use Configured Impersonation in ASP.NET

Configured impersonation is the simplest form of impersonation. You have to use the web.config file to define the impersonation behavior you want, by adding the <identity> element as shown:

 

<configuration>

<system.web>

<!– Other settings omitted. –>

<identity impersonate=”true” />

</system.web>

</configuration>

 

You can configure the <identity> element in more than one way, depending on the result you want:

– If you want to impersonate the Windows account authenticated by IIS – just set the impersonate attribute to true as shown above.

– If you allow anonymous access, you can use the IUSR_[ComputerName] account. In this case the impersonated account must have all the permissions required to run ASP.NET code, including read-write access to the c:\[WinDir]\Microsoft.NET\Framework\[Version]\Temporary ASP.NET Files directory where the compiled ASP.NET files are stored. Otherwise, an error will occur and the page will not be served.