We have upgraded an ASP.NET web application from IIS6 to IIS7 integrated mode. Our application uses:
<identity impersonate="true"/>
and therefore we have had to set:
<validation validateIntegratedModeConfiguration="false" />
Is this sensible? My instincts say not, but searching on google for this issue, this "workaround" is suggested on every page visited.
Is impersonation no longer a good practice in IIS7 integrated, and should we abandon it and come up with a different solution?
If your application requires integrated authentication in BeginRequest and AuthenticateRequest then you should change your application pool to classic mode.
If you do not rely on integrated authentication at these two stages of the page lifecycle then you can continue to ignore the error you are receiving by setting validateIntegratedModeConfiguration to false.
You also have the option of using appcmd migrate to move your IIS6 application to an IIS7 integrated mode configuration.
More information about this behavior in IIS 7 can be found here: http://www.iis.net/learn/application-frameworks/building-and-running-aspnet-applications/aspnet-integration-with-iis