Impersonate using Forms Authentication

Question

I have an ASP.NET site that must use Forms Authentication and not Windows Authentication to access a ActiveDirectoryMembershipProvider. The site must use forms

Answer 1

We got the same problem recently, the customer wanted their users can log in by AD account and then this credential must be used to access Analysis Service as well as all other databases. They wanted it that way because they implemented an auditing system and all access must be done by current logged in account.

We tried Forms authentication and Win32 LogonUser() API for impersonating part, it worked but it also asks us for user's password as plain text. Later, we decided to utilized Windows authentication, it saves us lot of time (no more AD authentication, impersonate manually). Of course, there was also no fancy login page.