System.UnauthorizedAccessException: Access is denied

E

Efi

Hi,
We have a simple 3 tier application which its core application is VC++ 6.0
ATL COM running as a server application in the COM+. An asp pipe is in charge
of handling the requests and passes it to the COM for processing.

We are now trying to migrate the asp pipe to Asp.Net (C#).

When running the above configuration with Asp.Net on IIS 5.0 (W2K) we have
no problems but when trying the do it on IIS 6.0 (W2K3) we are getting the
following error which is basically access denied error on the line that tries
to create the COM instancing.
Access is denied.
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information about
the error and where it originated in the code.

Exception Details: System.UnauthorizedAccessException: Access is denied.

ASP.NET is not authorized to access the requested resource. Consider
granting access rights to the resource to the ASP.NET request identity.
ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or
Network Service on IIS 6) that is used if the application is not
impersonating. If the application is impersonating via <identity
impersonate="true"/>, the identity will be the anonymous user (typically
IUSR_MACHINENAME) or the authenticated request user.

To grant ASP.NET write access to a file, right-click the file in Explorer,
choose "Properties" and select the Security tab. Click "Add" to add the
appropriate user or group. Highlight the ASP.NET account, and check the boxes
for the desired access.

Source Error:
An unhandled exception was generated during the execution of the current web
request. Information regarding the origin and location of the exception can
be identified using the exception stack trace below.

Stack Trace:

[UnauthorizedAccessException: Access is denied.]
BurstingPipe.Net.WebForm1.Page_Load(Object sender, EventArgs e) in
d:\burstingweb\burstingpipe.net\adserverpipe.aspx.cs:160
System.Web.UI.Control.OnLoad(EventArgs e) +67
System.Web.UI.Control.LoadRecursive() +35
System.Web.UI.Page.ProcessRequestMain() +731

I've tried to set permissions (ASPNET and Network Service) on files and in
the COM+ (Launching permissions).

Help Please!!!

Thanks,

Efi
 
P

Prodip Saha

ASPNET account is local to the web server machine and normally it is not a
domain account. Granting permission to the ASPNET account may not bring any
good because it has no permission outside the box.

Are you implementing Windows Integrated Authentication? If so, you can turn
the impersonation to true (i.e. use the original callers domain account) in
code before calling the COM+ component and turn it back to false by using
Undo method. You can also trun the impersonation to true at all time but it
really depends on the architecture of the application.

If you are not using the Windows Integrated Authentication, you can
impersonate a specific user with their username and password. Look at this
article on how to do it--
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT01.asp

A lot more can be said but it's hard to comment w/o knowing the architecture
of the asp.net application.

Prodip



Efi said:
Hi,
We have a simple 3 tier application which its core application is VC++ 6.0
ATL COM running as a server application in the COM+. An asp pipe is in charge
of handling the requests and passes it to the COM for processing.

We are now trying to migrate the asp pipe to Asp.Net (C#).

When running the above configuration with Asp.Net on IIS 5.0 (W2K) we have
no problems but when trying the do it on IIS 6.0 (W2K3) we are getting the
following error which is basically access denied error on the line that tries
to create the COM instancing.
Access is denied.
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information about
the error and where it originated in the code.

Exception Details: System.UnauthorizedAccessException: Access is denied.

ASP.NET is not authorized to access the requested resource. Consider
granting access rights to the resource to the ASP.NET request identity.
ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or
Network Service on IIS 6) that is used if the application is not
impersonating. If the application is impersonating via <identity
impersonate="true"/>, the identity will be the anonymous user (typically
IUSR_MACHINENAME) or the authenticated request user.

To grant ASP.NET write access to a file, right-click the file in Explorer,
choose "Properties" and select the Security tab. Click "Add" to add the
appropriate user or group. Highlight the ASP.NET account, and check the boxes
for the desired access.

Source Error:
An unhandled exception was generated during the execution of the current web
request. Information regarding the origin and location of the exception can
be identified using the exception stack trace below.

Stack Trace:

[UnauthorizedAccessException: Access is denied.]
BurstingPipe.Net.WebForm1.Page_Load(Object sender, EventArgs e) in
d:\burstingweb\burstingpipe.net\adserverpipe.aspx.cs:160
System.Web.UI.Control.OnLoad(EventArgs e) +67
System.Web.UI.Control.LoadRecursive() +35
System.Web.UI.Page.ProcessRequestMain() +731

I've tried to set permissions (ASPNET and Network Service) on files and in
the COM+ (Launching permissions).

Help Please!!!

Thanks,

Efi
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,733
Messages
2,569,439
Members
44,829
Latest member
PIXThurman

Latest Threads

Top