Authentication question

[Bruce W..1]

My simple ASP.NET application displays information pulled from some text
files. The text files are located in a subdirectory of the virtual
root.

I have another .aspx page that lets me add more text files to this
subdirectory by typing stuff in to a textbox. For this page I needed
authentication. I do not want to use cookies so I just put a
username/password pair into the web.config file. A login page checks
this by using ConfigurationSettings.AppSettings, sets an inprocess
session, and redirects to the input page.

So my authentication is homebrew, it does not use Forms Authentication.

This all works fine on my local machine. But when I upload it to my
hosting company, I get a security exception when it tries to write a new
text file. I thought the ASP.NET worker process had permission to write
text files local to the application?!

I've tried a few different settings in the web.config but no luck. Can
someone tell me how to fix this?

Thanks for your help.

 

[Munsifali Rashid]

As far as I know, the ASPNET account only has read and execute access to the
application by default, not write access. Some web hosting companies allow
you to change permissions of the ASPNET account for your website through
their online control panel, so it might be possible for you to change this
setting from there...

Regards,

Mun

 

[Hatim R]

you have to add read right for the aspnet user in the machine for it to be
able to write to the directory. to do that just right on the
directory ->security and then add the aspnet user and set it to write.

 

[Bruce W..1]

Both of you guys were right. My hosting control panel let me change the permissions to
give the ASPNET account write priveledges for the directory. Now it works.

Funny, I've never tried writing to a file. I've done everything else it seems.