Hello, I'm trying to intercept WindowsAuthenticationModule to login into application as another user, but I cannot create new WindowsIdentity without knowing his password. The code will run under administrator privilegies, so, is there any way how to get user 'Login token' without his password?
+3
A:
From Windows Server 2003 and forward, you have the ability to perform what is called Protocol Transition.
It does require Administrator privileges, and it is not at all recommended that you run a web site with admin privileges, so if you absolutely must do this, you should factor this particular piece of functionality out into a separate process that runs in higher privilege mode. Keith Brown has more information on the subject.
It is very rare that you should ever need this functionality, so unless you are absolutely certain about what you are doing, I suggest that you write another SO question that outlines what your general challenge is, and see if someone can suggest some better alternatives.
Mark Seemann
2009-09-03 12:07:09