Impersonation
is when ASP.NET executes code in the context of an authenticated and authorized
client. By default, ASP.NET does not use impersonation and instead executes all
code using the same user account as the ASP.NET process, which is typically the
ASPNET account.
There
are 5 below steps by which we can establish Impersonation configuration in our
secured application environment.
1.)
Creation of Application/Proxy user where Application is hosted.
2.)
Give appropriate access to the user.
3.)
Create Database Login user on database.
4.)
Authenticate User and provide credential on IIS.
5.)
Then Configure web.config on Application.
Creation of Application/Proxy
user where Application is hosted and Give appropriate access to the user.
Create Database Windows Login in Database.
Now Open IIS Manager and navigate to the level you want to manage.
1. In Features View, double-click Authentication.
2. On the Authentication page, select ASP.NET Impersonation.
3. In the Actions pane, click Enable to use ASP.NET Impersonation authentication with the default settings.
4. Optionally, in the Actions pane, click Edit to set the security principal.
5. In the Edit ASP.NET Impersonation Settings dialog box, select either Specific user or Authenticated user. Whichever you decide, IIS uses this identity for the security context of the ASP.NET application. By default, IIS 8 is set to impersonate the authenticated user.
6. Click OK to finish or proceed to the next optional steps to change the identity to impersonate.
7. Optionally, click Set to change the Specific user identity.
8. In the Set Credentials dialog box, enter the name of an existing user account in User name, the password associated with that user account in Password, and then the exact same value in Confirm password for a new account IIS should use for anonymous access.
9. Click OK to close the Set Credentials dialog box.
10. Click OK to close the Edit ASP.NET Impersonation Settings dialog box.
Then Configure web.config on Application
Configure Aspnet/MVC app’s web.config as below
<configuration>
<connectionStrings>
<add name="xxxxx"
connectionString="Database= Test;Server=SUMAN-29\MYSERVER;Integrated
Security=SSPI; " providerName="System.Data.SqlClient" />
<add
name="ApplicationServices" connectionString="data source= SUMAN-29\MYSERVER;Integrated
Security=SSPI; ; Initial Catalog=Test"
providerName="System.Data.SqlClient" />
</connectionStrings>
and
<identity impersonate="true" password="@#@$@$@$@" userName="xxx" />
and
<identity impersonate="true" password="@#@$@$@$@" userName="xxx" />
if SSL is enable then
<authentication
mode="Forms">
<forms
loginUrl="~/Account/LogOff" name="tech"
timeout="30" requireSSL="True" />
</authentication>
Seems it is opening ….
#YoYo this is working and application goes
live…
gud 1
ReplyDeleteHello! I know this is somewhat off topic but I was wondering if
ReplyDeleteyou knew where I could locate a captcha plugin for
my comment form? I'm using the same blog platform as yours and I'm having difficulty
finding one? Thanks a lot!
If some one wants expert view regarding blogging and site-building afterward
ReplyDeletei recommend him/her to pay a quick visit this weblog, Keep up the
pleasant job.
Pretty nice post. I just stumbled upon your weblog and wanted to say that I
ReplyDeletehave truly enjoyed surfing around your blog posts. In any case I'll be subscribing to your rss feed and I hope you write
again soon!
I am truly glad to glance at this web site posts which consists of
ReplyDeleteplenty of useful information, thanks for providing such information.
I know this if off topic but I'm looking into starting my own blog and was
ReplyDeletewondering what all is needed to get setup? I'm assuming having a blog
like yours would cost a pretty penny? I'm not very web savvy so
I'm not 100% certain. Any suggestions or advice would be
greatly appreciated. Thank you
What's up to every body, it's my first pay a quick visit of this web site; this
ReplyDeleteweb site contains amazing and actually good stuff designed for
visitors.
What's up to all, how is everything, I think every one is
ReplyDeletegetting more from this web site, and your views are pleasant in favor of new users.
This is the right website for anyone who would like
ReplyDeleteto find out about this topic. You realize a whole lot its
almost tough to argue with you (not that I really will need to…HaHa).
You definitely put a fresh spin on a topic which has been written about for years.
Great stuff, just great!
Everything is very open with a very clear explanation of
ReplyDeletethe issues. It was truly informative. Your
website is useful. Thanks for sharing!
I have learn several good stuff here. Certainly value bookmarking for revisiting.
ReplyDeleteI surprise how much attempt you put to make this type of fantastic informative website.
My brother recommended I might like this
ReplyDeletewebsite. He was totally right. This post truly
made my day. You can not imagine just how much time
I had spent for this information! Thanks!
Keep on writing, great job!
ReplyDeleteGood day! This is my first visit to your blog! We are a collection of volunteers and
ReplyDeletestarting a new project in a community in the same niche.
Your blog provided us valuable information to
work on. You have done a extraordinary job!
WOW just what I was searching for. Came here by searching for minecraft
ReplyDeleteDo you mind if I quote a couple of your articles
ReplyDeleteas long as I provide credit and sources back to your blog?
My blog site is in the very same niche as yours and my visitors would certainly benefit from a lot
of the information you present here. Please let me
know if this alright with you. Thank you!
Greetings from Florida! I'm bored to death at work so I decided to
ReplyDeletebrowse your site on my iphone during lunch break. I love the information you provide here and can't wait to take a look when I get home.
I'm amazed at how fast your blog loaded on my mobile .. I'm not even using WIFI, just
3G .. Anyhow, superb site!
It is perfect time to make a few plans for the future and it's
ReplyDeletetime to be happy. I've read this submit and if I could
I want to suggest you few interesting issues or tips. Maybe
you can write subsequent articles referring to this article.
I desire to read even more issues approximately it!
Fantastic blog! Do you have any tips and hints for aspiring writers?
ReplyDeleteI'm planning to start my own blog soon but I'm a little lost
on everything. Would you recommend starting with a free platform like Wordpress or go
for a paid option? There are so many choices out there that I'm totally overwhelmed ..
Any tips? Thank you!
continuously i used to read smaller posts which as well clear their
ReplyDeletemotive, and that is also happening with this post which I am reading at this place.
For hottest news you have to pay a quick visit world wide web and on internet I found
ReplyDeletethis web site as a most excellent web page for hottest updates.
Generally I don't read post on blogs, however I would like
ReplyDeleteto say that this write-up very forced me to check out
and do it! Your writing taste has been surprised me.
Thank you, very great post.
Do you have a spam issue on this blog; I also am a blogger, and I was
ReplyDeletecurious about your situation; we have created some nice practices and we are looking to swap
techniques with others, be sure to shoot me an email if interested.