Wrox Programmer Forums

Need to download code?

View our list of code downloads.

| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
BOOK: ASP.NET Website Programming Problem-Design-Solution
This is the forum to discuss the Wrox book ASP.NET Website Programming: Problem - Design - Solution, Visual Basic .NET Edition by Marco Bellinaso, Kevin Hoffman; ISBN: 9780764543869
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: ASP.NET Website Programming Problem-Design-Solution section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
 
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old July 21st, 2004, 08:00 AM
Registered User
 
Join Date: Jun 2003
Location: Oklahoma City, OK, USA.
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default FileManager - Permission Denied

I created a stand-alone version of the FileManager module (c#) and added the app to an existing .Net web site. Everything works fine, all the pages render correctly, etc., only I can't upload or edit files. I keep getting a 'permission denied' error.

I made sure that Anonymous browsing was disabled in the folder where the FileManager pages are, and that the account I'm logging in with has FullControl within the directory structure of the web site. Still no help. The only way I can upload/edit is by giving the I_USER account FullControl within the folders. If I understand things correctly, when Anonymous browsing is disabled (I have Windows Authentication selected), any code that executes on the server does so with the rights of the authenticated user. Am I worng? If so, how do I get edit/upload to work without giving the Anonymous User FullControl access?

TIA

Michael Caruso
MMAC Webmaster
Oklahoma City, OK
  #2 (permalink)  
Old July 21st, 2004, 04:42 PM
Friend of Wrox
 
Join Date: Jun 2003
Location: Atlanta, Georgia, USA.
Posts: 917
Thanks: 0
Thanked 0 Times in 0 Posts
Default

You need to select "Windows Integrated" authentication in IIS, and enable impersonation in your web.config:
<identity impersonate="true"/>

If you do not specify a name attribute, then ASP.NET will use the identity passed to it by IIS, which will be the network identity of the user.

You are correct that you must not give "full control" to IUSR_Machinename if you are counting on Windows Authentication to protect your files. Only the correct Windows users should have "full control".

http://msdn.microsoft.com/library/de...ersonation.asp

Eric
  #3 (permalink)  
Old July 22nd, 2004, 08:20 PM
Registered User
 
Join Date: Jun 2003
Location: Oklahoma City, OK, USA.
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default

That did it. Works great. Mostly.:)

My real real goal was to add this to a web site in our DMZ, where the content is hosted on a file server behind the firewall. Any suggestions?

Michael Caruso
MMAC Webmaster
Oklahoma City, OK
  #4 (permalink)  
Old July 22nd, 2004, 08:52 PM
Friend of Wrox
 
Join Date: Jun 2003
Location: Atlanta, Georgia, USA.
Posts: 917
Thanks: 0
Thanked 0 Times in 0 Posts
Default

If you're using Active Directory to hold user accounts, you can put a hive in the DMZ to surface the accounts there. However, this isn't very easy unless you have someone who is good at AD, and it can be a security risk if it's not set up right.

The easy solution is to use Forms security, and you can use a cookie to persist user sessions on their own computers. This way they don't have to log in each day.

You could also ensure that all users come from the right IP range *AND* they have a cookie. That's a good double set of checks.

Eric
 


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
(0x800A0046) Permission denied,not IIS permission! David Hay Classic ASP Basics 3 April 30th, 2006 10:47 PM
Permission denied zah_amir Classic ASP Databases 1 January 24th, 2006 11:45 PM
Permission denied tksarun Classic ASP Components 0 March 11th, 2005 03:01 AM
Permission Denied hamidmq Javascript How-To 2 March 10th, 2005 09:41 AM
Permission Denied einstein Linux 1 December 10th, 2003 09:49 AM



All times are GMT -4. The time now is 02:47 PM.


Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.