problem with security

[Mark]

I have this code running

Dim strFileName As String = txtFile.PostedFile.FileName.Trim

Try

If txtFile.PostedFile.ContentType.ToString = "image/pjpeg" Then

' strFileName = txtFile.PostedFile.FileName.Trim()

strFileName = Path.GetFileName(strFileName)

strFileName = Server.MapPath("images") & "\" & strFileName

txtFile.PostedFile.SaveAs(strFileName)

'RaiseEvent UploadComplete()

Else

lblMessage.Visible = True

lblMessage.Text = "File type MUST be in jpeg(jpg) format."

End If

Catch ex As Exception

Me.Visible = False

Response.Write(ex.Message)

End Try





But it produces an access denied error. I have this line in my web.config

<identity impersonate="true"/>



Any Ideas?



Thanks

 

[Guest]

With impersonation set to true, but no username or password identified, the machine will attempt to write to the system as the IUSR_machinename account. If you are listing a username/password, make sure that account has write access to the file system

 

[Tommy]

If you're not using basic authentication, then when you set
impersonate="true" in Web.Config, the request will be running under
the IUSR_MachineName user.

You need to give this user NTFS write permission to the folder where
the file is being saved.

Tommy,