In web development, config files play a very important role. Reading config file entries in a code-behind file is a very common thing in web development.
Config entries are stored in the web.config file in the
<appSettings> tag and can be accessed using
There might be a case when we may have to access the impersonated user’s details in our code. These details cannot be accessed using
To access the Impersonated user’s details, we use the classes in the namespaces
First, we access the configuration file as a
Configuration object using the
WebConfigurationManager.OpenWebConfiguration("pathToConfigFile") method. The
WebConfigurationManager class is defined in the
Then we get the identity section from the config file to retrieve the user details. This is achieved using the
IdentitySection class defined in
System.Web.Configuration namespace and "
GetSection()" method of "
GetSection() method returns the
ConfigurationSection object specified in the parameter to the method. The return object is to be type cast into the required object type, in this case
IdentitySectionObject.propertyName gives the value of the corresponding property.
The complete sample code is as shown. I have written the code in the
protected void Page_Load(object sender, EventArgs e)
objConfigFile = WebConfigurationManager.OpenWebConfiguration(
IdentitySection objIdentitySection =
if (objIdentitySection != null)
string username = objIdentitySection.UserName;
string password = objIdentitySection.Password;
bool impersonate = objIdentitySection.Impersonate;
Configuration currentConfiguration = objIdentitySection.CurrentConfiguration;
lblUsername.Text = username;
lblPassword.Text = password;
lblImpersonateOrNot.Text = impersonate.ToString();
The entry in the web.config file is as given below:
userName="YourDomain\YourUserName" password="YourPassword" />
Obviously, you would not be printing the username and password on the screen. I have just included that for testing purpose. I have uploaded a sample website folder in a zip file. You can refer to that.
Make sure you specify the domain of the computer in the username part because if you specify only the username, there is a chance that you might get a runtime exception saying:
Could not create Windows user token from the credentials specified in the config file.
Error from the operating system ‘Logon failure: unknown username or bad password'.
Hope this helps!!