grant asp.net write access but still won't work

[frekster]

All.

I have a folder/files that I have added asp.net to have read/write/etc.
privlidges via the properties of the folder/files and security tab.
However, when I run my asp.net page, I still get that access is denied.

the path is c:\inetpub\app\bin\folder

the "folder has a ton of files in it and every file in the folder must
be able to be opened and binary read by the asp.net worker process.

I tried setting read/write privlidges on the folder for asp.net and it
wouldn't work. Still got access denied. Then tried adding asp.net to a
few of the files and giving read/write and tried binary reading them
via my asp.net application and still no luck.

What must I do to allow all the files in this folder to be opened for
binary read and also to let asp.net write a binary file to the folder?

I'm no newbie at doing the simple task of granting asp.net write/read
access to files and folders via the properties/security tab under xp
pro iis5 which is what I am running along with .net 1.1. I do not need
instructions on how to do that since I have it covered. I do this often
enough at my job so am confused as to why this isn't working.

Any input will be greatly appreciated!

Justin

 

[Guest]

Hi Frekster,

Are you using impersonation? If yes, then grant that user write access to
the folders.

 

[frekster]

Hi.

Thank you for the post. I do not have ipersonate setup at all in
web.config. No identity impersonate settings are in the web.config file.
I've granted read/write to asp.net to the sounds folder and to the
capital.wav file mentioned in this error when I try to read the file via
my asp.net web application:

Exception Details: System.UnauthorizedAccessException: Access to the
path "f:\inetpub\wwwroot\imageverification\bin\sounds\capital.wav" is
denied.

ASP.NET is not authorized to access the requested resource. Consider
granting access rights to the resource to the ASP.NET request identity.
ASP.NET has
a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network
Service on IIS 6) that is used if the application is not impersonating.
If the
application is impersonating via <identity impersonate="true"/>, the
identity will be the anonymous user (typically IUSR_MACHINENAME) or the
authenticated
request user.

Any how, I am not using impersonate. This has me confused. Do you have
any other ideas/things I can try?


Regards,
Justin

 

[frekster]

Hi again.

Ok, I have this working now. I had read/write set on the folder and on
one file I had read and not write for the asp.net machine account. When
I set read and write for the file that I *only* needed to read to
asp.net machine account, it would open the file and read it.

My question is this... I have about 50 files in this folder that I need
asp.net to read in binary file access. Do I have to set read/write to
each individual file for the asp.net machine account or is there a way
to globally set read/write to all the files in a single folder for the
asp.net machine account?

I have the parent folder properties set to allow the asp.net machine
account to read, write, list folder contents, etc.

Is there a way to inherit this to all files in the folder so I don't
need to set read/write for the asp.net machine account on each file?

BTW it would be nice if Microsoft would come out with a utility to let
you see what permissions are set on a folder for all three security
models: you are dealing with asp.net permissions, iis permissions, and
ntfs permissions. That is a lot of different permissions and
documentation on the threee are not exactly, well, good?


Regards,
Justin