ISAPI filter with Basic Authentication and Asp.net impersonation - Inetserver

"Basic Authentication" has no correlation to ASP.Net Impersonation.

What happens is that:
1. IIS first negotiates Basic Authentication
2. On success, IIS impersonates credentials obtained through
authentication on its thread and executes ASP.Net
3. In turn, ASP.Net loads up .Net Framework to run your managed code,
which can certainly change the user token on the thread if the managed
code is allowed

The problems could be either:
1. The ISAPI Filter is not working correctly
2. Sharepoint has restrictions on Web Parts
3. Managed Code is not allowed to change thread impersonation

Not really IIS-related issues at all.


//David
http://w3-4u.blogspot.com
//


midway76@gmail.com wrote:
> Hello,
>
> Is it possible in the context of an ISAPI filter (with Basic
> Authentication) managing the authentication to use impersonation in a
> asp.net project? I'm new to ISAPI filter...
>
> Here's my problem. I'm working in a Sharepoint 2003 (WSS) context.
> Instead of using the Active Directory from the Sharepoint server, we're
> using a ISAPI filter to authenticate the users by connecting to a Web
> service that returns true or false depending if the user credential are
> good or not. The problem is that on our Sharepoint portal we have
> multiple webparts that impersonate the administrator. For that, we're
> using code from that source:
>
> http://msdn2.microsoft.com/en-us/lib...ercannotaccess.
>
> >From the tests I've done, when we activate Basic authentication, we get
> "The request failed with HTTP status 401: Unauthorized" from the web
> parts using impersonation. If both Basic Anthentication and Windows
> Integrated Authentication are activated, the page load correctly like
> if there was no ISAPI filter at all (credentials from the server AD
> need to be used).
>
> So is it possible to used the asp.net Impersonation when in "Basic
> Authentication" mode?
>
> Thank you,
> Chris