Impersonation and Path.GetTempPath()

  • Thread starter Thread starter Oleg Ogurok
  • Start date Start date
O

Oleg Ogurok

Hi all,

I have a ASP.NET app that uses Excel interop to save an .xls file on disk in
a temp folder and then read it back and e-mails it as an attachment.

The problem is deciding where to store the temp file. My web.config has
<identity impersonate="true" />


When I call System.IO.Path.GetTempPath(), it returns
C:\DOCUME~1\MYSERVER\ASPNET\LOCALS~1\Temp. However, when I try to save the
file, I get an error saying "Microsoft Office Excel cannot access the file."
It seems despite the impersonation, I still get the home dir of ASPNET user
instead of the user under which the IIS virtual directory is running. Is
there a more correct way of getting a temp path?

Thanks.

-Oleg.
 
impersonation only changes the thread's credentials, not the profile
associated with the process. a user profile is where temp, default printer,
etc settings are stored. in fact asp.net usually runs without a profile.

-- bruce (sqlwork.com)
 
This is what the LoadUserProfile Win32 API is for - don't know if there's a
framework equivalent.
 
FWIW...

I also found that a call to System.IO.Path.GetTempFileName() will throw an
IOExceception: "The directory name is invalid."

This happens with impersonation turned on and anonymous access turned off
under Windows 2000 (IIS 5). The temp directory is C:\Documents and
Settings\<machine>\ASPNET\Local Settings\Temp\ and the impersonated user
does not have create & write access to this directory. My solution was to
permit Everyone full control in Temp. I find it odd that with impersonation
turned on you get a temporary directory you can't write to, but I think this
is an artifict of the 2 layer security model with IIS and ASP.NET.

Note that on Windows 2003 (IIS 6) the default behavior is different. Calls
to GetTempPath() will yield C:\WINDOWS\TEMP\. Since directory permissions
are usually open to authenticated users, you application would probably work
without changing temp directory permissions.

Thx, Carlos


Phil Wilson said:
This is what the LoadUserProfile Win32 API is for - don't know if there's a
framework equivalent.
--
Phil Wilson [MVP Windows Installer]
----
Hi all,

I have a ASP.NET app that uses Excel interop to save an .xls file on
Click to expand...
disk
in
a temp folder and then read it back and e-mails it as an attachment.

The problem is deciding where to store the temp file. My web.config has
<identity impersonate="true" />


When I call System.IO.Path.GetTempPath(), it returns
C:\DOCUME~1\MYSERVER\ASPNET\LOCALS~1\Temp. However, when I try to save the
file, I get an error saying "Microsoft Office Excel cannot access the file."
It seems despite the impersonation, I still get the home dir of ASPNET user
instead of the user under which the IIS virtual directory is running. Is
there a more correct way of getting a temp path?

Thanks.

-Oleg.
Click to expand...
Click to expand...
 
Back
Top