Accessing File and Folders on Network

  • Thread starter Thread starter Rosa
  • Start date Start date
R

Rosa

Hi,
I'm experiencing a bit of a problem with security and file access from
within a ASP.Net application...

Locally (from an XP client) I manage to get any file or folder on my
machine with something similar to this:
DirectoryInfo di = new DirectoryInfo(strURL);
if(di.Exists)
{
FileInfo[] fileList = di.GetFiles();
//DirectoryInfo[] dirList = di.GetDirectories();
strDocURL = fileList[0].FullName;
Response.Redirect(strDocURL);
}
However when trying to access a network file/folder I get a security
exception and di.Exists is false. (System.UnauthorizedAccessException:
Access to the path "\\share\folder" is denied.)

The same code running from one of our W2K servers is able to open
network files just by having changed the following:
Response.Redirect("file:" + strDocURL);
However it isn't able to open folders (even without the "file:" bit).

I have set <identity impersonate="true" /> in the Web.config file.

-1 How can I keep the user credentials through out the application?
-2 Is there an alternative way to Response.Redirect for opening a
file/folder from within a browser?

Thanks
Rosa
 
Arild,
Thanks for the article.
Our servers are set to use Kerberos and the browsers are set to
"Enable Integrated Windows Authentication". IIS is set to "Windows
Authentication".

I guess I need to find out if the AD and the Computers are configured
for delegation...

Will keep you posted.

Thanks
Rosa
 
Rosa said:
Arild,
Thanks for the article.
Our servers are set to use Kerberos and the browsers are set to
"Enable Integrated Windows Authentication". IIS is set to "Windows
Authentication".

I guess I need to find out if the AD and the Computers are configured
for delegation...

Will keep you posted.

Thanks
Rosa
Click to expand...

By default, no computers or users are enabled for delegation, so that is
probably where your stuck right now.


Arild
 
Hi Arild,
Yep that is the case. We enabled delegation for my account and I can
now access any folder on the network (as long as the app is running on
my own machine's IIS).
However the credentials still get lost when I run it on the server:
- Would I need to enable delegation on the ASPNET user or on the
actual server itself?

Thanks
Rosa
 
Hmm... I'm not sure. Since it works on your computer, there must be some
differences on the configuration of the computer account or the IIS setup on
the two. Try giving the ASPNET user the "Act as part of the operating
system" privilege and/or make sure the webserver is trusted for delegation.


Arild
 
Back
Top