[Mono-list] Impersonating users with mod_mono

Johann MacDonagh johann at macdonaghs.com
Sat Apr 19 01:45:56 EDT 2008

Hello all,

I am developing an ASP.NET application running on OpenSUSE for a set  
of users. These users will have accounts on the OpenSUSE box. I was  
wondering if it was possible to set up Apache and my web.config file  
to prompt the user for their account information (using a HTTP 401  
request), and have the current apache thread impersonate and actually  
run as that user.

Essentially, the website will be executing actual commands (binaries  
that interact with devices over a serial cable), and I don't want to  
give the apache user access to that. I'd much rather give access only  
to the users.

So far, I think that a combination of using <identity  
impersonation="true"> in my web.config, along with mod_authnz_external  
and pwauth *might* do the trick, but I have no idea. This can be done  
easily in IIS, but does anyone have an idea if this will work with  

I'm heading to bed now, so I wanted to get this message out. I'll keep  
trying tomorrow morning, but if anyone has any ideas, that would be  


Johann MacDonagh

More information about the Mono-list mailing list