Implement impersonation/delegation behavior
See original GitHub issueConfirm you’ve already contributed to this project or that you sponsor it
- I confirm I’m a sponsor or a contributor
Version
3.x
Question
I was inspired by this comment (I’m still not sure if I need to ask this question there) when was starting to implement something. If I understood correctly, I need to implement a call to token
endpoint with specific grant type and custom request parameter.
The main question I have: how to trigger that request, should I do that using http client or initialize a challenge or somehow else? if I do that using http client, how can I preserve related principal? If I can’t pass principal with the request, then how should I validate the request? I believe, this is something a quite simple, but I can’t grope the answer.
Issue Analytics
- State:
- Created a year ago
- Comments:44 (21 by maintainers)
Top Results From Across the Web
Delegation and Impersonation with WCF
Impersonation is a common technique that services use to restrict client access to a service domain's resources.
Read more >Impersonation and Delegation in WCF
Impersonation is a technique that WCF Services use to authorize the caller’s identity to access to service resources such as files and ...
Read more >Implementing ASP.Net impersonation/delegation to ...
I'm trying to set up impersonation/delegation for a web application using ASP.NET 4.5/SQL Server 2016. The goal is to use the Windows ...
Read more >How To: Use Impersonation and Delegation in ASP.NET 2.0
Delegation allows you to use an impersonation token to access network resources. Your ability to use delegation depends on your selected ...
Read more >Delegation — A General Discussion
Impersonation : A form of identity propagation wherein a service obtains a ... In this most naive implementation of delegation behavior, ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Uhh! Brilliant, I see that there is no cookie in the request to MVC controller and I know why. Digging into this to fix…
@kevinchalet I’m looking at a similar use case and have one question regarding your example in this task:
You propose to add a new parameter to the authentication cookie if the parameter value was defined/transferred by the request. That means each app that supports the impersonation of a user has to implement a check if this parameter exists and then use this information to display the (impersonated) username / validate that this user in fact can execute the requested action?