WorldofASP.NET : ASP.NET Directory, Tutorial, Hosting, and Source Code
You are 1 of 200 users


Avoid using Impersonation in ASP.NET

Blogger : Ajax.NET Professional - AJAX and JSON made easy!
All posts : All posts by Ajax.NET Professional - AJAX and JSON made easy!
Category : ASP.NET
Blogged date : 2006 Oct 24

Scott Hanselman is writing on his blog:

The MSDN Docs are very careful not to recommend using impersonation it affects connection pooling when talking to databases downstream. The suggestion that one takes care when using impersonation has been in place since its inception. [...]

ScottGu has a good post on how to use declarative authorization to restrict access without impersonation. This works great with Forms Authentication and Custom Principals like we use at Corillian. Here's one of his examples: [...]

[PrincipalPermission(SecurityAction.Demand, Authenticated = true)]

And AjaxPro is working with PrincipalPermissions, too. See the example web page at http://munich.schwarz-interactive.de/security.aspx. The same can be used to restrict methods for Roles or Members.

Share this post: Email it! | bookmark it! | digg it! | reddit!
Read comments or post a reply to : Avoid using Impersonation in ASP.NET
Page 1728 of 1924
Next | Last

.NET News Categories






Legend : - Within 3 Days - Within 6 Days - Within 9 Days

Home | Add Resources | Sponsored Listings | Advertise with Us | SiteMap 1 | SiteMap 2 | Link To Us | Contact Us
© 2002-2008 Worldofasp.net ASP.NET Directory, Hosting and Tutorials | All rights reserved
Our Partners : ASP.NET Web Hosting | Windows Web Hosting | ASP.NET Hosting | Phone Card | PHP Directory | Bangkok Hotels |Calling Card