tag:blogger.com,1999:blog-6354706590059817737.comments2009-11-12T20:50:20.341-08:00Sharp MindersZahid Z. Malikhttp://www.blogger.com/profile/11658820342420952443noreply@blogger.comBlogger3125tag:blogger.com,1999:blog-6354706590059817737.post-9318211776787848352009-11-12T20:50:20.341-08:002009-11-12T20:50:20.341-08:00where is the answers for the above questionswhere is the answers for the above questionsDanduanilkumarhttps://www.blogger.com/profile/08043818901805299150noreply@blogger.comtag:blogger.com,1999:blog-6354706590059817737.post-65642558158610284532008-11-16T02:05:00.000-08:002008-11-16T02:05:00.000-08:00Hi,This is a good article. But you didn't explain ...Hi,<BR/>This is a good article. But you didn't explain that why or how to use this feature.<BR/><BR/>Lets consider the following scenario:<BR/>You develop a web application that writes data to a file on a sever and you restrict access to the file to specific Windows users.<BR/>The web application runs and MachineName\ASPNET and you deny anonymous access to the application in IIS or in web.config using deny users="?"<BR/>Also you are using the windows authentication. Now you need to ensure that the application meets the following requirments.<BR/>(1) It must impersonate the user when it writes data to the file.<BR/>(2). It must run as Machinename\ASPNET when user does not access the file.<BR/><BR/>To accomplish the above task you need to do the following two things.<BR/>First of all disbale impersonation in web.config like this:<BR/>identity impersonate="false"<BR/><BR/>Now you will face difficulties in ur code segments where u are trying to write to some file. Why?<BR/>because u r using windows authentication and in IIS u stated thhat you dont want anonymous access to the application by putting this tag deny users="?"<BR/>So now MachineName\ASPNET user can not write data to file. Now our task is to Impersonate the MachineName\ASPNEt user, so that our application can write data to some file on the server. for that we need to write code some thing like this:<BR/><BR/>WindowsPrinciple wp = (WindowsPrinciple)HttpContext.Current.User;<BR/><BR/><BR/>WindowsIdentity wi = (WindowsIdentity)wp.Identity;<BR/><BR/>WindowsImpersonationContext wic = wi.Impersonate();<BR/><BR/> Access and write the data in file, because in the above code we have get the identity of MAchninename\ASPNET and impersonate it. After accessing the file and doing other stuff according to ur requirments we have to get back the Impersonation from MachineName\ASPNET user. for that just write this:<BR/><BR/><BR/><BR/>wic.Undo();<BR/><BR/><BR/>Have fun<BR/><BR/>Regards,<BR/>Shahid Riaz BhattiShahid Riaz Bhattihttps://www.blogger.com/profile/07200813097200824574noreply@blogger.comtag:blogger.com,1999:blog-6354706590059817737.post-37527680553068439612008-09-23T19:24:00.000-07:002008-09-23T19:24:00.000-07:00Its a good effort to teach dummy people about tech...Its a good effort to teach dummy people about tech.M Ahmad Sheikhhttps://www.blogger.com/profile/07255986793036986933noreply@blogger.com