We have an ASP.net application that connects to a list of servers and checks the C drive for a specific person's profile. The problem that we are having is that we can not get the application to use the users credentials (needed to have access the C drive), so we are forced to hard code the user name and password in IIS. This also could be done in the ASP.net app. We don't feel that this is a secure solution. What we want to do is pull the user's credentials from Active Directory and some how pass that into the app.
We have tried the following in the web.config:
Windows authentication mode
identity impersonate="true"
If we set identity impersonate="true" and add the username and password, the app works, but once again we don't feel that this is a secure method. Now if we could pull the username and password from Active Directory and pass it into, as a variable, the identity impersonate line that would be great, but we are not sure of a way to accomplish this. Any help would be much appreciated.
We have tried the following in the web.config:
Windows authentication mode
identity impersonate="true"
If we set identity impersonate="true" and add the username and password, the app works, but once again we don't feel that this is a secure method. Now if we could pull the username and password from Active Directory and pass it into, as a variable, the identity impersonate line that would be great, but we are not sure of a way to accomplish this. Any help would be much appreciated.