Rights on virtual folder ? Denied....

Discussion in 'ASP .Net Security' started by news.iq.ca, Dec 13, 2004.

  1. news.iq.ca

    news.iq.ca Guest

    Hello.

    I have a business object which should write a file to the application's
    path.

    The app's path is:
    "C:\Documents and Settings\Administrator\My Documents\My
    Projects\ASPNETProjects\vsnet\ThreeTieredSolution"
    as in:
    __________________________________________________________
    Dim strPath As String = "C:\Documents and Settings\Administrator\My
    Documents\My Projects\ASPNETProjects\vsnet\ThreeTieredSolution\Orders.txt"
    (for the moment, hardcoded)...

    Dim strmFile As StreamWriter
    strmFile = File.AppendText(strPath)
    .................. etc
    __________________________________________________________


    However, I get the following error:
    __________________________________________________________
    Exception Details: System.UnauthorizedAccessException: Access to the path
    "C:\Documents and Settings\Administrator\My Documents\My
    Projects\ASPNETProjects\vsnet\ThreeTieredSolution\Orders.txt" is denied.

    ASP.NET is not authorized to access the requested resource. Consider
    granting access rights to the resource to the ASP.NET request identity.
    ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or
    Network Service on IIS 6) that is used if the application is not
    impersonating. If the application is impersonating via <identity
    impersonate="true"/>, the identity will be the anonymous user (typically
    IUSR_MACHINENAME) or the authenticated request user.

    To grant ASP.NET write access to a file, right-click the file in Explorer,
    choose "Properties" and select the Security tab. Click "Add" to add the
    appropriate user or group. Highlight the ASP.NET account, and check the
    boxes for the desired access.
    __________________________________________________________

    I could use any other folder, of course (it works just fine), but what if,
    for keeping things tidy, I want to write in some subfolder of the app's path
    ?

    I'm confused (I'm not strong on security...). In Explorer, I think that I
    can only set NTFS security. Anyway, from Explorer, I select ASPNetProjects
    Properties and on DefaultWebSite/Properties I can set
    AccessPermissions/Write=ON and ApplicationPermissions = Scripts.

    I go now in IIS Services and on ASPNetProjects Properties I can set Write=ON
    (ApplicationSettings/Execute Permissions is set to Scripts Only). On the tab
    Directory Security, under "Anonymous access and authentification control" I
    have Anonymous Access set to ON, USER_NAME = "IUSR_RADU" (RADU is the name
    of my machine), and I have "Allow IIS to control password" checked. I also
    have under "Authenticated Access" the checkboxes "Basic Authentification"
    set to on (but there's nothing in DefaultDomain and Realm) and "Integrated
    Windows Authentifcation" also set to ON.

    However, when i run my app, I get, as I have said before,
    ________________________________________
    ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or
    Network Service on IIS 6) that is used if the application is not
    impersonating. If the application is impersonating via <identity
    impersonate="true"/>, the identity will be the anonymous user (typically
    IUSR_MACHINENAME) or the authenticated request user.
    _________________________________________

    That means that my app is somehow "impersonating" (mistery, mistery... I
    can't find any "identity impersonate=True" anywhere).

    Plese shed some light on this - I can't seem to find my way around this
    problem.

    PS. Their advice(To grant ASP.NET write access to a file, right-click the
    file in Explorer, choose "Properties" and select the Security tab. Click
    "Add" to add the appropriate user or group. Highlight the ASP.NET account,
    and check the boxes for the desired access.) does NOT apply (there is no
    "Security" tab !)

    PS. Something else - In IIS If I set "WRITE=true", I get a box saying "The
    following child nodes also define the value of the "Access Permissions"
    property.... etc. How do the child nodes do that ? I have looked in all the
    files in my project, and there's no "Access Permission" clause...

    Thank you.
    Alex
     
    news.iq.ca, Dec 13, 2004
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jéjé
    Replies:
    2
    Views:
    401
    Jéjé
    Nov 30, 2005
  2. Rico
    Replies:
    0
    Views:
    427
  3. Zeba
    Replies:
    0
    Views:
    311
  4. antony beula
    Replies:
    0
    Views:
    703
    antony beula
    Feb 3, 2010
  5. Sachin Chavan

    Folder write access rights issue.

    Sachin Chavan, Mar 8, 2006, in forum: ASP .Net Security
    Replies:
    6
    Views:
    155
    Sachin Chavan
    Mar 14, 2006
Loading...

Share This Page