Using identity/impersonate for ASP.NET

Let’s say you have a web application that needs to connect to a SQL server using integrated auth. You could set the app pool of your IIS application to run as a specific account – but that could easily lead to trouble, if it’s not appropriate for other apps in the app pool to run as that account. Can’t I just get my application to run as a different account? Sure!

  The developer puts something like below in their web.config:

    <identity impersonate="true"


Then, you can use the downloaded tool called aspnet_setreg.exe to encrypt the password and store it in the registry key above. Voila!

Posted in ASP.NET, Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.


Enter your email address to follow this blog and receive notifications of new posts by email.

Join 9 other followers

%d bloggers like this: