Run Application (EXE) from ASP.Net C#

  • Thread starter Thread starter mxdevit
  • Start date Start date
M

mxdevit

Task: run application from ASP.NET

for example,
you have a button on ASP.NET page, when press this button - one
application is invoked.


the code to run application (for example, notepad) is (on C#)

System.Diagnostics.Process.Start("notepad");

but the problem is that the application doesn't run, i.e. no window is
opened.

Note that ASP.NET code is executed on the SERVER.

Solution:

ASPNET user under which application is run should have appropriate
security settings.

1. change local policies for APSNET user:
in WinXP: run secpol.msc

go to Local Policies->User Rights Assignment
find "Deny log on locally" and remove ASPNET user from it.

then find "Deny logon locally" and remove ASPNET user from it.


2. Security for files.
if your application needs also to work with files (open, save, etc)
you have to change security settings for the folders to allow user
ASPNET modify nedeed files.


To test how it works without starting ASP.NET site you can try run in
Windows command line:

runas /user:ASPNET "notepad.exe"

it asks you for the password of ASPNET user. enter the password.
if everything is done correct you will see opened application (notepad
in our example) in new window.

More read here:

http://mxdev.blogspot.com/2008/09/asp-net-run-application-exe-from-aspnet.html
 
Of course, the application will run on the server, and will present no user
interface to the user who clicked the button.
 
From a standpoint of doing something, this is cool. From a standpoint of
hardening a server, my mind is about to explode, as you are opening up for
severe security breaches when you opt for this method of opening an
application on a web server.

If you must run a process, you are better to wrap the process call in a
service, as you remove the direct conduit from ASP.NET to the app. This is
not as big a deal if you are running notepad (not sure why someone would do
that through ASP.NET on a server, but it is not too risky), but can be a big
deal with some processes.

Imagine if you left a direct pipe to cmd.exe. Wow!

--
Gregory A. Beamer
MVP, MCP: +I, SE, SD, DBA

Subscribe to my blog
http://feeds.feedburner.com/GregoryBeamer#

or just read it:
http://feeds.feedburner.com/GregoryBeamer

********************************************
| Think outside the box! |
********************************************
 
actually its worse. to get notepad (or any non-console app) to run, you need
to enable Interact with desktop. this then means an exe can popup a modal
dialog box (often an error message), on the console, and hang the server
until someone answers the dialog.

-- bruce (sqlwork.com)
 
I also should have had MUST in capital letters, as I am certainly not
condoning kludging your way around a problem and service wrapping an app
just so you can pop up notepad. :-)

--
Gregory A. Beamer
MVP, MCP: +I, SE, SD, DBA

Subscribe to my blog
http://feeds.feedburner.com/GregoryBeamer#

or just read it:
http://feeds.feedburner.com/GregoryBeamer

********************************************
| Think outside the box! |
********************************************
 
as i see - it is not anought to allow Interaction with Desktop

the only solution i found - change Locally Policies to allow ASPNET user or
NetworkService (depending on IIS5 or IIS6) to logon locally

try to run
runas /user:ASPNET "notepad"

it will not open notepad in window..
 
sometimes you need to run application on server side.

i had this task:
when you click button on ASP.NET page - Photoshop application should be
opened and process some image files..

when Photoshop runs hidden (no window, just process in process list) - it
does nothing.

until i changed security settings for ASPNET user.
 
re:
!> change Local Policies to allow ASPNET user to logon locally
!> until i changed security settings for ASPNET user.

....which is not recommended.




Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
======================================
 
Back
Top