Is there a difference with the impersonation between the actions of the ASP.Net MVC controller and the ASP.Net web form? Using the same code within the same web project, I can successfully impersonate a Windows user when connecting to SQL Server from a web form, but not from a controller action. Here is an example of the code that I am testing from each:
string sqlQuery = @"SELECT Top 10 FullName FROM Customer";
// Connect to the database server. You must use Windows Authentication;
SqlConnection connection = new SqlConnection("Data Source=ServerName;Initial Catalog=DBName;Integrated Security=SSPI");
// Create a DataTable to store the results of the query.
DataTable table = new DataTable();
// Create and configure the SQL Data Adapter that will fill the DataTable.
SqlDataAdapter adapter = new SqlDataAdapter();
adapter.SelectCommand = new SqlCommand(sqlQuery, connection);
// Execute the query by filling the DataTable.
adapter.Fill(table);
I checked the HttpContext user on both the controller and the web form and they look the same. However, when you run SQL trace, the controller action always runs as a network service, and the web form acts as a user. Any clarification as to why these two behave differently and how to impersonate controller actions will be appreciated.