IIS users can't execute code in virtual directories' subdirectorie

[JB]

Hello community

AFter the virtual directory is created in IIS I can click the url and
run the
application that was created using ASP.Net, C# and SQL Server without any
problem
including the code in the virtual directory and it's subdirectories.

The virtual directory has some code in it that when the user clicks the url
that
code runs. However, there are folders beneath the virtual directory that
also has
code modules in it, but after the user clicks the url and clicks a button on
the page
that accesses the code in the subdirectories of the virtual directory and
error stating:

"Access Denied" (to the folder that is the virtual directory appears).

Basically I am wondering why when the user clicks the url they can
execute the
code in the virtual directory but when they click a button on a page that
executes
code in the subdirectories of the virtual directory the Access Denied error
pops up?

Jeff

 

[Mr. Arnold]

Hello community

AFter the virtual directory is created in IIS I can click the url and
run the
application that was created using ASP.Net, C# and SQL Server without any
problem
including the code in the virtual directory and it's subdirectories.

The virtual directory has some code in it that when the user clicks the
url
that
code runs. However, there are folders beneath the virtual directory that
also has
code modules in it, but after the user clicks the url and clicks a button
on
the page
that accesses the code in the subdirectories of the virtual directory and
error stating:

"Access Denied" (to the folder that is the virtual directory appears).

Basically I am wondering why when the user clicks the url they can
execute the
code in the virtual directory but when they click a button on a page that
executes
code in the subdirectories of the virtual directory the Access Denied
error
pops up?

Access denied is based on a user account's permissions with the O/S and NTFS
in this situation. If the account is not on the directory or it's on the
directory and it doesn't have the proper permissions, then access will be
denied for a user account.

If not told otherwise by using 'impersonation', ASP.NET applications run
under the context of the ASP.NET Worker Process account. And if the account
is not on the directory or it's there and doesn't have the permissions, then
it's going to be access denied for the account.

Just because the ASP.NET Worker Process account may be on the virtual
directory when it's initially created does it means that the account is on
any subfolders you may have created manually in regards to NTFS. Account
permissions for an account doesn't cascade to subfolders, unless you tell
the O/S to do so using NTFS or you went to the subfolders manually and
setup permissions for an account using NTFS.