关于asp.net impersonation的一些谣传
以下皆是理论知识,未经证实。
system.web下面的配置节
<identity impersonate="true" />
或者<identity impersonate="true" userName="accountname" password="password" />
也可以通过调用windows API来用代码来进行身份模拟,这篇文章很到位:http://www.cnblogs.com/awpatp/archive/2010/02/02/1662277.html
Note Impersonation is local to a particular thread. When code changes threads, such as when using thread pooling, the new thread executes using the process identity by default.
inpersonation和IIS集成模式不太兼容(ASP.NET Integrated mode is unable to impersonate the request identity in the BeginRequest and AuthenticateRequest pipeline stages.),可通过一个配置来调整: http://www.allenconway.net/2010/11/how-to-use-impersonation-in-aspnet.html
<validation validateIntegratedModeConfiguration="false"/>
http://mvolo.com/breaking-changes-for-aspnet-20-applications-running-in-integrated-mode-on-iis-70/
也许相对于imperonation,让程序在一个generic account下运行(application pool identity),然后为这个generic account赋予足够的权限更简单
郑重声明:本站内容如果来自互联网及其他传播媒体,其版权均属原媒体及文章作者所有。转载目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。
