Read/Write/Modify actions needed on a remote server.

Discussion in 'ASP .Net Security' started by chris, Jul 13, 2006.

  1. chris

    chris Guest

    Hello,

    I do not have much expertise in the security area, especially when it
    comes to Windows Authentication.

    We have a Win 2003 server that runs the ASP.NET 2.0 Web application.

    I have a simple page that needs to access the directory info on a
    remote server and if the directory does not exist then create the
    directory.

    Here is a snippet of the code I am trying to exectute:
    string serverPath =
    @"\\RemoteServer\webimages\8f3d7375-05e9-435d-b284-3d0a9179681c";
    DirectoryInfo di = new DirectoryInfo(serverPath);
    if (!di.Exists)
    di.Create();

    imagefiles = di.GetFiles();

    The problem is the DirectoryInfo object always has false for the Exists
    property.

    Here is the exception I get when it tries to create the directory:
    Method Name: WinIOError
    Declaring Type: System.IO.__Error
    Message:
    Could not find file
    '\\RemoteServer\webimages\8f3d7375-05e9-435d-b284-3d0a9179681c'.

    Ops told me that they gave the ASP.NET user full control to the
    webimages directory. The remote machine is on the same domain and is a
    Win 2003 server.

    What we have is an image server that sits on the same domain as the web
    server. We want to give our users the ability to upload images to that
    server and manage their images.

    Can anyone please give me some resources to read up on when it comes to
    this? Or just let me know what the best practice is when it comes to
    working file and directory objects on remote machines?

    Thanks,
    Chris
     
    chris, Jul 13, 2006
    #1
    1. Advertising

  2. hi,

    make sure you don't have impersonation enabled in web.config - otherwise
    this is a delegation problem -

    read more here:
    http://msdn.microsoft.com/msdnmag/issues/05/09/SecurityBriefs/default.aspx

    if no impersonation is enabled:
    is ops really sure about the right account - the account under which the
    worker process runs must have the access to the remote resource, this is
    NETWORK SERVICE by default which materializes as MACHINE$ on the remote machine.
    Otherwise you have configured a custom account for the worker process which
    also needs the required access.

    > Hello,
    >
    > I do not have much expertise in the security area, especially when it
    > comes to Windows Authentication.
    >
    > We have a Win 2003 server that runs the ASP.NET 2.0 Web application.
    >
    > I have a simple page that needs to access the directory info on a
    > remote server and if the directory does not exist then create the
    > directory.
    >
    > Here is a snippet of the code I am trying to exectute:
    > string serverPath =
    > @"\\RemoteServer\webimages\8f3d7375-05e9-435d-b284-3d0a9179681c";
    > DirectoryInfo di = new DirectoryInfo(serverPath);
    > if (!di.Exists)
    > di.Create();
    > imagefiles = di.GetFiles();
    >
    > The problem is the DirectoryInfo object always has false for the
    > Exists property.
    >
    > Here is the exception I get when it tries to create the directory:
    > Method Name: WinIOError
    > Declaring Type: System.IO.__Error
    > Message:
    > Could not find file
    > '\\RemoteServer\webimages\8f3d7375-05e9-435d-b284-3d0a9179681c'.
    > Ops told me that they gave the ASP.NET user full control to the
    > webimages directory. The remote machine is on the same domain and is
    > a Win 2003 server.
    >
    > What we have is an image server that sits on the same domain as the
    > web server. We want to give our users the ability to upload images to
    > that server and manage their images.
    >
    > Can anyone please give me some resources to read up on when it comes
    > to this? Or just let me know what the best practice is when it comes
    > to working file and directory objects on remote machines?
    >
    > Thanks,
    > Chris
     
    Dominick Baier, Jul 13, 2006
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Frank

    OPB write actions

    Frank, Oct 22, 2003, in forum: VHDL
    Replies:
    0
    Views:
    508
    Frank
    Oct 22, 2003
  2. Santel
    Replies:
    7
    Views:
    532
    Laurent Bugnion [MVP]
    Jan 8, 2007
  3. __MicroCode2004__@__Hotmail.Com__

    How to modify the URL in a WSDL file for accessing a remote webservice ?

    __MicroCode2004__@__Hotmail.Com__, Sep 21, 2004, in forum: ASP .Net Web Services
    Replies:
    1
    Views:
    184
    __MicroCode2004__@__Hotmail.Com__
    Sep 24, 2004
  4. Junpei
    Replies:
    2
    Views:
    112
    Tad McClellan
    May 29, 2004
  5. sahm
    Replies:
    4
    Views:
    699
Loading...

Share This Page