Velocity Reviews

Velocity Reviews (
-   ASP .Net Security (
-   -   Access Denied using Impersonation (

Ryan 01-05-2004 04:44 PM

Access Denied using Impersonation
I am developing an intranet application that uses windows
authentication and impersonation. The problem I'm having
is that it seems when the session ends the access token
is lost (just a guess) and when the user tries to load
the page again an Access Denied error is generated. Has
anyone experienced this before and know of a workaround.

Any help is greatly appreciated. Thank You!


Holly Mazerolle 01-06-2004 01:13 AM

RE: Access Denied using Impersonation
If this is a situation where the user is logged on to a domain and you are
using Windows Integrated Authentication in IIS the session should not
matter. Even if the session ends, on the next request, the same credentials
should be passed to the server and used. If you think it is the session, a
good test would be to lower the timeout to maybe 5 mins and try the same
steps with that.

You can find the timeout setting in the web.config file. Another thing you
could do if you are not sure what user is really trying to access the file
at the time the error occurs would be to run filemon from You can look for Access Denieds and it will also list
the account that is doing the access.

This posting is provided "AS IS" with no warranties, and confers no rights.
Hope this helps.

Holly Mazerolle 01-06-2004 10:10 PM

RE: Access Denied using Impersonation
No problem. :-)


All times are GMT. The time now is 02:02 PM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.