B
Bill Heckle
I am trying to work through the sample from msdn, "How To Use DPAPI (User
Store) from ASP.NET with Enterprise Services". I thought I had everything
configured correctly. I tried to test the service and get the following
error.(Sorry for encluding every line). I am confused as to what setting is
incorrectly set. Additionally, the paragraph on giving asp.net access doesn't
help me at all. Thanks for help, as I don't want to keep thrashing about. Any
advice on where to read more about security in general is appreciated.
Exception Details: System.UnauthorizedAccessException: Access is denied.
ASP.NET is not authorized to access the requested resource. Consider
granting access rights to the resource to the ASP.NET request identity.
ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or
Network Service on IIS 6) that is used if the application is not
impersonating. If the application is impersonating via <identity
impersonate="true"/>, the identity will be the anonymous user (typically
IUSR_MACHINENAME) or the authenticated request user.
To grant ASP.NET write access to a file, right-click the file in Explorer,
choose "Properties" and select the Security tab. Click "Add" to add the
appropriate user or group. Highlight the ASP.NET account, and check the boxes
for the desired access.
Source Error:
Line 59: private void btnEncrypt_Click(object sender, System.EventArgs e)
Line 60: {
Line 61: DataProtectorComp dp = new DataProtectorComp();
Line 62: try
Line 63: {
Source File: c:\documents and
settings\bill\vswebcache\billfun\dpapiweb\webform1.aspx.cs Line: 61
Stack Trace:
[UnauthorizedAccessException: Access is denied.]
System.Runtime.InteropServices.Marshal.ThrowExceptionForHR(Int32
errorCode, IntPtr errorInfo) +0
System.EnterpriseServices.Thunk.Proxy.CoCreateObject(Type serverType,
Boolean bQuerySCInfo, Boolean& bIsAnotherProcess, String& uri) +581
System.EnterpriseServices.ServicedComponentProxyAttribute.CreateInstance(Type
serverType) +181
System.Runtime.Remoting.Activation.ActivationServices.IsCurrentContextOK(Type
serverType, Object[] props, Boolean bNewObj) +74
DPAPIWeb.WebForm1.btnEncrypt_Click(Object sender, EventArgs e) in
c:\documents and settings\bill
heckle\vswebcache\billfun\dpapiweb\webform1.aspx.cs:61
System.Web.UI.WebControls.Button.OnClick(EventArgs e) +108
System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) +57
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler
sourceControl, String eventArgument) +18
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +33
System.Web.UI.Page.ProcessRequestMain() +1277
Store) from ASP.NET with Enterprise Services". I thought I had everything
configured correctly. I tried to test the service and get the following
error.(Sorry for encluding every line). I am confused as to what setting is
incorrectly set. Additionally, the paragraph on giving asp.net access doesn't
help me at all. Thanks for help, as I don't want to keep thrashing about. Any
advice on where to read more about security in general is appreciated.
Exception Details: System.UnauthorizedAccessException: Access is denied.
ASP.NET is not authorized to access the requested resource. Consider
granting access rights to the resource to the ASP.NET request identity.
ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or
Network Service on IIS 6) that is used if the application is not
impersonating. If the application is impersonating via <identity
impersonate="true"/>, the identity will be the anonymous user (typically
IUSR_MACHINENAME) or the authenticated request user.
To grant ASP.NET write access to a file, right-click the file in Explorer,
choose "Properties" and select the Security tab. Click "Add" to add the
appropriate user or group. Highlight the ASP.NET account, and check the boxes
for the desired access.
Source Error:
Line 59: private void btnEncrypt_Click(object sender, System.EventArgs e)
Line 60: {
Line 61: DataProtectorComp dp = new DataProtectorComp();
Line 62: try
Line 63: {
Source File: c:\documents and
settings\bill\vswebcache\billfun\dpapiweb\webform1.aspx.cs Line: 61
Stack Trace:
[UnauthorizedAccessException: Access is denied.]
System.Runtime.InteropServices.Marshal.ThrowExceptionForHR(Int32
errorCode, IntPtr errorInfo) +0
System.EnterpriseServices.Thunk.Proxy.CoCreateObject(Type serverType,
Boolean bQuerySCInfo, Boolean& bIsAnotherProcess, String& uri) +581
System.EnterpriseServices.ServicedComponentProxyAttribute.CreateInstance(Type
serverType) +181
System.Runtime.Remoting.Activation.ActivationServices.IsCurrentContextOK(Type
serverType, Object[] props, Boolean bNewObj) +74
DPAPIWeb.WebForm1.btnEncrypt_Click(Object sender, EventArgs e) in
c:\documents and settings\bill
heckle\vswebcache\billfun\dpapiweb\webform1.aspx.cs:61
System.Web.UI.WebControls.Button.OnClick(EventArgs e) +108
System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) +57
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler
sourceControl, String eventArgument) +18
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +33
System.Web.UI.Page.ProcessRequestMain() +1277