问题
I've got windows authentication enabled on an ASP page so that I can grab the current user's username. This forces the ASP page to run as that user. I want to lock some files down that are currently being accessed by that page. Is there a way to have Windows Authentication enabled and still run the page under the account that IIS is running as?
回答1:
In the end, I'm just going to be migrating this to ASP.net. There is an article at Microsoft regarding impersonation at http://support.microsoft.com/kb/248187. They have code on that page for a library called LoginAdmin.dll which has a RevertToSelf function that brings the security context back to that of the account running IIS. This can be done much more easily in ASP.net.
来源:https://stackoverflow.com/questions/1490035/running-a-classic-asp-page-as-under-iis-account-when-windows-auth-is-enabled