Search code examples
asp.netauthenticationiisimpersonation

Configuring ASP.NET Impersonation Authentication

I developed a webpage on IIS that controls PC volume (using the library - CSCore.CoreAudioAPI ). I need that the user will be logged in as the current user in the machine.

I tried to configure the web.config file to allow Impersonated Authentication, but still having troubles. 

<system.web>
    <identity impersonate="true"
      userName="Domain\username" 
      password="XXXX" />
</system.web>

enter image description here

Thank you for your help.

Solution

  • You need to also enable Windows Authentication in order for this to work. Otherwise there's no mechanism to capture the user name.

    However, I think the better approach is to create a custom application pool for your application and explicitly set the impersonation (Advanced Settings) to the user you want to set it to. Since the application pool hosts your application (ie. it's the launching EXE) your application then runs under that account and assuming it has full rights on the machine it should be able to access the hardware to control the volume.

    ASP.NET Impersonation is a legacy feature that was meant to be used with IIS 6 and older when IIS didn't have proper application isolation. With later versions Application Pools took over the hosting of applications and the user account impersonation with it.