In the previous section of this chapter we've seen how MTS can impersonate users of the application by presenting a different NT account to the components or services it accesses. This isn’t mandatory however—you can use MTS with this feature disabled and rely on the traditional method of each resource identifying the original user via NT's security manager. In fact this is the default setting for MTS.
MTS also offers a third way of managing users and controlling access to other resources. This takes advantage of the ability of MTS to identify the original user through methods of the
object created for each component. To use this technique you write code within the component to retrieve information about the original user, and hence you can change the behavior of the component based on the user. So, we have three situations to consider:ObjectContext