ASP.Net Forcing impersonation at the Machine level.
December 9, 2011
I decided to look into impersonation a bit more and how I could force our Windows Platform to impersonate, without letting our users change it back in their web.config file. I found a good number of Google search results, but nothing really stuck until I realized I could simply add a location element to the machine's web.config, set allowOverride to “false”, then tell it what to do, without users being able to modify it!
Here’s what I added at the top of the web.config located at c:\windows\microsoft.net\framework\v2.0.50727\CONFIG:
<location allowOverride="false">
  <system.web>
    <identity impersonate="true"/>
  </system.web>
</location>
<location allowOverride="true">
  <system.web>
    <securityPolicy>
      <trustLevel name="Full" policyFile="internal"/>
      <trustLevel name="High" policyFile="web_hightrust.config"/>
      <trustLevel name="Medium" policyFile="web_mediumtrust.config"/>
      <trustLevel name="Low" policyFile="web_lowtrust.config"/>
      <trustLevel name="Minimal" policyFile="web_minimaltrust.config"/>
    </securityPolicy>
    <trust level="Full" originUrl=""/>
  </system.web>
</location>
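
To confirm the lock is actually in place on a server, the check below (an added example, not part of the original post) parses a machine-level web.config and reports whether the impersonation setting sits inside a location block with allowOverride="false" and no path. The function name, the result labels and the sample strings are assumptions made for this example.

```python
import sys
import xml.etree.ElementTree as ET

# Constructed sample inputs for illustration (not taken from a real server).
LOCKED = """<configuration>
  <location allowOverride="false">
    <system.web><identity impersonate="true"/></system.web>
  </location>
</configuration>"""
OVERRIDABLE = LOCKED.replace('allowOverride="false"', 'allowOverride="true"')
SCOPED = LOCKED.replace("<location ", '<location path="app1" ')
NO_ATTR = LOCKED.replace(' allowOverride="false"', "")

RANK = {"missing": 0, "overridable": 1, "scoped": 2, "locked": 3}


def _impersonates(parent):
    """True if parent has <system.web><identity impersonate="true"/>."""
    return any((i.get("impersonate") or "").strip().lower() == "true"
               for i in parent.findall("./system.web/identity"))


def audit_identity_lock(xml_text):
    """Return "locked", "scoped", "overridable" or "missing" (labels are this example's)."""
    root = ET.fromstring(xml_text)
    for el in root.iter():                 # tolerate an xmlns on <configuration>
        el.tag = el.tag.split("}")[-1]
    found = ["missing"]
    if _impersonates(root):                # set outside any <location>: no lock
        found.append("overridable")
    for loc in root.findall("./location"):
        if not _impersonates(loc):
            continue
        # allowOverride defaults to true when the attribute is absent
        if (loc.get("allowOverride") or "true").strip().lower() != "false":
            found.append("overridable")
        elif loc.get("path"):              # lock covers only that path
            found.append("scoped")
        else:                              # the form shown in this post
            found.append("locked")
    return max(found, key=RANK.get)


if __name__ == "__main__":
    if len(sys.argv) > 1:                  # path to a machine-level web.config
        with open(sys.argv[1], encoding="utf-8-sig") as fh:
            print(audit_identity_lock(fh.read()))
    else:
        for name in ("LOCKED", "OVERRIDABLE", "SCOPED", "NO_ATTR"):
            print(name, "->", audit_identity_lock(globals()[name]))
```

Run it with the path to the web.config as the only argument; any result other than "locked" means the setting can still be changed somewhere below the machine level.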
