Web App need permission to post files to a virtual directory

  • Thread starter Thread starter TPS
  • Start date Start date
T

TPS

I have a virtual directory where all posted files are stored.

The ASP app does not have rights to the share on the other server where the
vir dir resides.

What is the best way to give the asp app the rights to post files to the vir
dir.

Thanks

TPS.
 
The only way to give permissions is to alter the security settings on the
folder to allow the ASPNET_WP user full access to it.

If you cannot do this, then you will have to consider storing the files
inside your database.


--
Pete
=============
http://www.DroopyEyes.com - Delphi source code
Audio compression components, Fast Strings, DIB Controls

Read or write article on just about anything
http://www.HowToDoThings.com
 
Hey Pete, thanks for your reply.

The server where I am saving the files is NOT the server running IIS. The
servers are not in a domain either.

So how can I give the folder one one machine ASPNET_WP rights from another
machine?

-- Thanks again for your help.

TPS
 
Hi TPS,

Since your servers are not in a domain, you have to use local accounts.

If you disabled "Allow Anonymous", this workaround can work:

1. Create an identical local account on both machine, with the same
username and password.
2. You can impersonation this local account for all the requests of an
ASP.NET application. To do this, add the following line in the web.config
of the web appliation:

<identity impersonate="true" userName="accountname" password="password" />

For more informaiton, please check:

306158 INFO: Implementing Impersonation in an ASP.NET Application
http://support.microsoft.com/?id=306158

If you need to allow Anonymous access to the virtual directory, try this
method:

1. Create an identical local account on both machine, with the same
username and password.
2. Disable "Allow IIS to control password" option in the Authentication
Method dialog box of the ASP.NET web application.
3. Replace the default user name "IUSR_MachineName" with the local account
your created

Regards,

Felix Wu
=============
This posting is provided "AS IS" with no warranties, and confers no rights.


--------------------
 
Felix, your suggestion in method # 2 worked!

Thank you very much for your help and your great suggestions.

TPS
 
It's great to hear it works!

FYI: You can use the Token Dump component from the MSDN magazine article to
check the token dump information in detail. It can give a clear view of how
ASP.NET security model works :

ASP .NET Security Issues (by Keith Brown)
http://msdn.microsoft.com/msdnmag/issues/01/11/security/default.aspx

Have a nice day.

Felix Wu
=============
This posting is provided "AS IS" with no warranties, and confers no rights.


--------------------
From: "TPS" <[email protected]>
References: <[email protected]>
Click to expand...
<#[email protected]>
<[email protected]>
<[email protected]>
<ueB1Z2#[email protected]>
<u#AOG9#[email protected]>
 
Back
Top