Mar 26, 2010

ASP.NET Windows Authentication

Windows Authentication
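Windows Authentication treats the user identity supplied by Microsoft Internet Information Services (IIS) as the authenticated user in an ASP.NET application. IIS can establish that identity with any of the following mechanisms: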

  • Anonymous authentication
  • Windows integrated (NTLM) authentication
  • Windows integrated (Kerberos) authentication
  • Basic (base64 encoded) authentication
  • Digest authentication
  • Authentication based on client certificates

The WindowsAuthenticationModule constructs a WindowsIdentity based on the credentials supplied by IIS and sets that identity as the current User property value for the application.

Impersonating the Windows Identity
The Windows authentication mode sets the value of the current User property to a WindowsIdentity based on the credentials supplied by IIS.
It does not modify the Windows identity that is supplied to the operating system.
The Windows identity supplied to the operating system is used for permission checking, such as NTFS file permissions, or for connecting to a database using integrated security.
By default, this Windows identity is the identity of the ASP.NET process, which by default is the NETWORK SERVICE account.

You can configure the Windows identity of your ASP.NET application as the Windows identity supplied by IIS by enabling impersonation.
That is, you instruct your ASP.NET application to impersonate the identity supplied by IIS for all tasks that the Windows operating system authenticates, including file and network access.
To enable impersonation, set impersonate="true" in the web.config file.
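
The difference between the User property and the identity the operating system sees can be observed directly. The handler below is an added example, not code from the original post; the class name and output format are assumptions, and it assumes the application runs with Windows authentication mode. It also goes one step beyond the setting above by showing impersonation scoped to a single operation, which keeps the rest of the request running under the process account.

```csharp
using System.Security.Principal;
using System.Web;

// Hypothetical diagnostic handler (name and output format are assumptions).
// Assumes <authentication mode="Windows" /> in web.config.
public class IdentityReportHandler : IHttpHandler
{
    public bool IsReusable { get { return true; } }

    public void ProcessRequest(HttpContext context)
    {
        HttpResponse response = context.Response;
        response.ContentType = "text/plain";

        // Identity authenticated by IIS; set by WindowsAuthenticationModule.
        IIdentity user = context.User.Identity;
        response.Write("User property:       " + Describe(user) + "\n");

        // Identity the operating system checks for file, network and database access.
        // Without impersonate="true" this is the process account.
        response.Write("OS identity:         " + WindowsIdentity.GetCurrent().Name + "\n");

        // Scoped impersonation: act as the caller for one operation, then revert.
        WindowsIdentity caller = user as WindowsIdentity;
        if (caller == null || !caller.IsAuthenticated)
        {
            // An unauthenticated (anonymous) WindowsIdentity cannot be impersonated.
            response.Write("Scoped impersonation skipped: no authenticated Windows user\n");
            return;
        }

        using (WindowsImpersonationContext ctx = caller.Impersonate())
        {
            // Inside this block the OS identity is the caller's.
            response.Write("While impersonating: " + WindowsIdentity.GetCurrent().Name + "\n");
        } // Dispose() reverts to the previous identity.

        response.Write("After revert:        " + WindowsIdentity.GetCurrent().Name + "\n");
    }

    private static string Describe(IIdentity id)
    {
        string name = id.IsAuthenticated ? id.Name : "(anonymous)";
        return name + " [" + id.AuthenticationType + "]";
    }
}
```

With impersonate="true" set in web.config, the "OS identity" line already shows the caller's account, so every file and database access in the request is authorized as that user.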

http://msdn.microsoft.com/en-us/library/aa302397.aspx
http://msdn.microsoft.com/en-us/library/aa302386.aspx