Using identity/impersonate for ASP.NET

Let’s say you have a web application that needs to connect to a SQL server using integrated auth. You could set the app pool of your IIS application to run as a specific account – but that could easily lead to trouble, if it’s not appropriate for other apps in the app pool to run as that account. Can’t I just get my application to run as a different account? Sure!

  The developer puts something like below in their web.config:

    <identity impersonate="true"


Then, you can use the downloaded tool called aspnet_setreg.exe to encrypt the password and store it in the registry key above. Voila!

Posted in ASP.NET, Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s


Enter your email address to follow this blog and receive notifications of new posts by email.

Join 7 other followers

%d bloggers like this: