SharePoint 2010 Security:Application Pool Identities V.S. SHAREPOINT\SYSTEM Account

  • 9753
  • 0

摘要:SharePoint 2010 Security:Application Pool Identities V.S. SHAREPOINT\SYSTEM Account

在SharePoint 2010中,對外透過Application Pool Identities存取外部資源,對內透過SHAREPOINT\SYSTEM Account存取資源,因此,若想要擴大使用者存取內部資源的權限,可以透過
SPSecurity.RunWithElevatedPrivileges(delegate{//Code runs as the SHAREPOINT\SYSTEM user});
另外,可以在web.config檔中設定<identity impersonate="true"/>並且運用下列程式碼以使用者的權限透過application pool存取外部資源:
SPSecurity.RunWithElevatedPrivileges(delegate{
WebRequest xmlReq = WebRequest.CreateDefault(xmlUri);
//Uses the app pool credentials;
xmlReq.Credentials = CredentialCache.DefaultCredentials;
});

參考資料來源:
Inside Microsoft SharePoint 2010
Chapter 12 SharePoint Security