System.Web.Mvc.dll was invalid when identity impersonate = true

Question

I am running this MVC 4 site on iis express initiated through visual studio 2012. If I change the impersonate to false it works fine. Any ideas what I could be doing wrong?

Answer 1

I don't know how to answer why the message is so useless but I can say that it seems to be a product of the development web host (iis express) not being in the domain of the user you are trying to authenticate.

In my example I was on my home machine (not registered to the domain) connected in via vpn. With impersonate set to false and windows authentication enable in the web.config it will work fine. When you turn on impersonate it gives the invalid message.

If you have impersonate turned on when running from a machine (my workstation in the office) registered to the domain it works with no error message.

Hope this helps someone else.

Answer 2

Use ASP.NET impersonation when you want to run your ASP.NET application under a security context different from the default security context for ASP.NET application.

If you enable impersonation for an ASP.NET application, that application can run in one of two different contexts: either as the user authenticated by IIS 7 or as an arbitrary account that you set up. For example, if you were using Anonymous authentication and chose to run the ASP.NET application as the authenticated user, the application would run under an account set up for anonymous users (typically, IUSR). Likewise, if you chose to run the application under an arbitrary account, it would run under whatever security context was set up for that account.

By default, ASP.NET impersonation is disabled. If you enable impersonation, your ASP.NET application runs under the security context of the user authenticated by IIS 7.