In web development, config files play a very important role.
Reading config file entries in a code-behind file is a very common thing in web
Config entries are stored in web.config file in the <appSettings>
tag and can be accessed using
| System.Configuration.ConfigurationManager.AppSettings["keyName"]; |
There might be a case when we may have to access the impersonated
user's details in our code. These details cannot be accessed using
To access the Impersonated user's details, we use the classes in
the namespaces System.Web.Configuration
First, we access the configuration file as a "Configuration"
object using the
WebConfigurationManager.OpenWebConfiguration("pathToConfigFile") method. The
WebConfigurationManager class is defined in the
Then we get the identity section from the config file to retrieve
the user details. This is achieved using the IdentitySection class
defined in System.Web.Configuration namespace and "GetSection()"
method of "Configuration" class.
The "GetSection()" method returns the ConfigurationSection
object specified in the parameter to the method. The return object is to be type
cast into the required object type, in this case, "IdentitySection".
Then, IdentitySectionObject.propertyName gives the value
of the corresponding property.
The sample code is as shown. I have written the code in the
| using System.Web.Configuration; |
protected void Page_Load(object sender, EventArgs e)
//getting an instance of the configuration file
objConfigFile = WebConfigurationManager.OpenWebConfiguration(HttpContext.Current.Request.ApplicationPath);
//getting an instance of the "identity" section of the cofiguration file
IdentitySection objIdentitySection = (IdentitySection)objConfigFile.GetSection("system.web/identity");
if (objIdentitySection != null)
string username = objIdentitySection.UserName;
string password = objIdentitySection.Password;
bool impersonate = objIdentitySection.Impersonate;
Configuration currentConfiguration = objIdentitySection.CurrentConfiguration;
//Obviously you won't be doing this. The lines below are just for testing purpose
lblUsername.Text = username;
lblPassword.Text = password;
lblImpersonateOrNot.Text = impersonate.ToString();
The entry in the web.config file is as given below.
<identity impersonate="true" userName="YourDomain\YourUserName"
Obviously, you would
not be printing the username and password on the screen. I have just included
that for testing purpose. I have uploaded a sample website folder in a zip file.
You can refer to that.
Make sure you specify the domain of the computer in the username
part because if you specify only the username, there is a chance that you might
get a runtime exception saying
| Could not create Windows user token from the credentials specified in the config file.
Error from the operating system ‘Logon failure: unknown username or bad password'. |
Hope this helps!!