i got a webapp running under iis 6. its an intranet app that uses the following web.config settings to authenticate a user:

<authentication mode="Windows"/>

<identity impersonate="true"/>

This works fine for all my old manual CRUDs -> the user always gets identitied as its Windows Identity and since the Sql Server roles are linked to ntgroups they can perform the action based on the permissions set on the table/sp for the ntuser or ntgroup.

It also works when I use the Application Framework, but only with the Data Retrieval methods. If I perform an Insert/Update or Delete I always get an error that I am not allowed to access the Database. The reason for this is that the Application Framework ignores impersonation and runs under the standard account of the web app.

What do I have to do to get the Application Framework to use the right identity?