I have a web app that is attempting to use delegation for retrieving files and making requests to other servers.
I have Kerberos all set up and running fine (I think), but the delegation is only working in IE.
The code
System.Security.Principal.WindowsImpersonationContext impersonationContext;
impersonationContext = ((System.Security.Principal.WindowsIdentity)User.Identity).Impersonate();
// Do some stuff here
impersonationContext.Undo();
I then have some logging in the impersonated section that looks like
var identity = System.Security.Principal.WindowsIdentity.GetCurrent();
logger.Debug("ImpersonationLevel: {0}", identity.ImpersonationLevel);
When I run the site from IE, the ImpersonationLevel = Delegation and the app is able to make the double-hop to the second server.
When I run from Chrome or the MobileIron web@work browser, I get ImpersonationLevel = Impersonation and the double-hop fails.
The MobileIron part is especially important, so I'm trying to figure out if it's something on my end, or the client.