ASP.Net Forcing impersonation at the Machine level.

December 9, 2011

I decided to look into impersonation a bit more and how I could force our Windows Platform to impersonate, without letting our users change it back in their web.config file. I found a good number of google searches, but nothing really stuck until I realized I could simply add in the web.config of the machine a location, set allowOverride to “false” then tell it what to do, without users being able to modify it!

Here’s the line I added at the top of the web.config located at c:\windows\\framework\v2.0.50727\CONFIG.

 <location allowOverride="false">
 <identity impersonate="true"/>
 <location allowOverride="true">
    <trustLevel name="Full" policyFile="internal"/>
    <trustLevel name="High" policyFile="web_hightrust.config"/>
    <trustLevel name="Medium" policyFile="web_mediumtrust.config"/>
    <trustLevel name="Low" policyFile="web_lowtrust.config"/>
    <trustLevel name="Minimal" policyFile="web_minimaltrust.config"/>
   <trust level="Full" originUrl=""/>
+1 this post if it helped you!

Leave a Reply