Identity
Each Web application in ASP.NET runs with a specific identity. This identity is based on a user account on the local machine or domain. The application uses this identity when it accesses services or resources on disk. If the account does not have rights to the resource, the Web application cannot use the resource.
By default, ASP.NET applications run under a common account, typically ASPNET (for Windows XP) or Network Service (for Windows Server 2003). These accounts have limited permissions to use disk and service resources. They do not, for example, have the ability to access ArcGIS Server local data sources. For information regarding accessing ArcGIS Server local data sources, see How to set ArcGIS identity.
Impersonation
Impersonation is when the Web application assumes an identity other than the default identity. Impersonation enables the application to access resources available to the account used in the impersonation. To access ArcGIS Server local data sources, for instance, the Web application must impersonate a user in the agsusers or agsadmin group.
Impersonation can be configured for the Web application on startup by adding an <identity> tag to the web.config file. Impersonation can also be implemented dynamically in code, so that it can be turned on and off as needed.
The following table describes the identity of the Web application process using common Microsoft Internet Information Services (IIS) and ASP.NET settings:
|
Operating system
|
IIS settings
|
ASP.NET settings
|
Identity
|
|
|
Anonymous
|
Integrated
|
Impersonate in web.config
|
||
|
Windows 2000
|
Either
|
Either
|
|
ASPNET
|
|
Yes
|
Either
|
True
|
IUSR_<machinename>
|
|
|
No
|
Yes
|
True
|
Browser user
|
|
|
Either
|
Either
|
True with defined user
|
User in web.config
|
|
|
Windows XP
|
Either
|
Either
|
|
ASPNET
|
|
Yes
|
Either
|
True
|
IUSR_<machinename>
|
|
|
No
|
Yes
|
True
|
Browser user
|
|
|
Either
|
Either
|
True with defined user
|
User in web.config
|
|
|
Windows 2003
|
Either
|
Either
|
|
Network Service
|
|
Yes
|
Either
|
True
|
IUSR_<machinename>
|
|
|
No
|
Yes
|
True
|
Browser user
|
|
|
Either
|
Either
|
True with defined user
|
User in web.config
|
|