Reading a file into a buffer from in asp.net: error "Logon failure: unknown user name or bad password."

Hello experts!
  We are facing an interesting problem.
  We have some tiff image files located on a remote shared folder, say
\\172.23.45.66\Shared\Images
  Only specific logins are given access to this folder.
  Now, on my webpage, if I place an image control, and set its src value as follows:
  myImg.Src = @"\\172.23.45.66\Shared\Images\tmpin.jpg";"

  Then the code works and the image is displayed.
  But, If we try to read the image into a buffer as follows:

byte[] buf = null;
System.IO.FileStream fs = new System.IO.FileStream(myImg.Src, System.IO.FileMode.Open, System.IO.FileAccess.Read);

buf = new byte[fs.Length];
fs.Read(buf, 0, buf.Length);
fs.Close();

  then we get the following error:
"Logon failure: unknown user name or bad password. "

  It is very important that we load the file into a buffer.
  So, can some one suggest what could be the problem and how it can be solved?
  Note that it is not possible for us to create additional shares or virtual Web folders for the file directory, because the address can be anything that the user has rights to: it is not necessarily one single folder.
  So, we are looking for a generic solution to load a file into a buffer from an ASP .net page if the current windows user has rights to access the folder.
Looking forward to your help.
Thanks,
...Shu
LVL 5
snehanshuAsked:
Who is Participating?
 
jnhorstCommented:
What kind of authentication is involved with the website?  If you are allowing anonymous connections, there are two possibilities:

1) If you do not have <identity impersonate="true" /> in web.config, the code that is trying to read the file into a buffer is trying it under the security context of the local ASPNET account (local to the machine running IIS).  That account will surely not have permissions on the network share.

2) If you do have <identity impersonate="true" /> in web.config and are allowing anonymous connections, the code is being executed in the context of the local account that IIS is using to authenticate anonymous requests.  This is usually named IUSR_<machine name>.  You can check this by opening the IIS Admin application, clicking the Directory Security tab and then the Edit button for the section on anonymous requests.

The problem here is that both IUSR_... and ASPNET are local accounts (local to the box running IIS) and would not have permissions on a network share.  A third option exists if you are autheticating the user using Windows or Forms authentication.  Under that scenario, if <identity impersonate="true" /> is NOT in web.config, #1 above applies; the local ASPNET account is being used.  If you DO have <identity impersonate="true" /> in web.config, then the code is executing under the security context of the authenticated user.

So if you are allowing anonymous requests and want the image to load into the buffer regardless of which user is requesting the page, you'll want to do the following:

1) Create a domain or Active Directory account that will only be used for anonymous requests to the IIS box.  Go to the IIS Admin utility and reset the account that authenticates anonymous requests to use that account instead of the local IUSR_... account.

2) Give this new account read permissions on the network share.

3) Make sure <identity impersonate="true" /> is in web.config.

John
0
 
AerosSagaCommented:
Dim r As New StreamReader(file1.PostedFile.InputStream())
        Dim strBuffer As String = r.ReadToEnd
       
        'DO SOMETHING HERE WITH strBuffer
       
        r.Close()
0
 
AerosSagaCommented:
<form runat="server" enctype="multipart/form-data" ID="Form2">
  <P>
    <input type="file" id="file1" runat="server" NAME="file1">
  </P>
  <P>
    <asp:Button id="btn1" runat="server" text="Upload" onclick="upload" />
  </P>
</form>

--------------------------------------------------------------------------------------

Imports System.Data
Imports System.Data.SqlClient

Public Sub Upload(ByVal sender As Object, ByVal e As System.EventArgs)
        Dim b(file1.PostedFile.InputStream.Length - 1) As Byte

        file1.PostedFile.InputStream.Read(b, 0, file1.PostedFile.InputStream.Length)

        Dim con As New SqlConnection(ConfigurationSettings.AppSettings("ConnectionStringSQL"))

        Dim sql As String = "INSERT INTO MY_TABLE(MyID, DATABLOB) VALUES(1,@BlobData) "
        Dim cmd As New SqlCommand(sql, con)

        Dim parmBlob As New SqlParameter("@BlobData", SqlDbType.VarBinary, _
                     b.Length, ParameterDirection.Input, False, 0, _
                     0, Nothing, DataRowVersion.Current, b)
                     
        cmd.Parameters.Add(parmBlob)

        con.Open()
        cmd.ExecuteNonQuery()
        con.Close()
End Sub

Aeros
0
Cloud Class® Course: Microsoft Windows 7 Basic

This introductory course to Windows 7 environment will teach you about working with the Windows operating system. You will learn about basic functions including start menu; the desktop; managing files, folders, and libraries.

 
praneethaCommented:
System.IO.FileStream fs = new System.IO.FileStream(@"\\172.23.45.66\Shared\Images\tmpin.jpg", System.IO.FileMode.Open, System.IO.FileAccess.Read);

try hardcoding it for a while...

also try (@"\\172.23.45.66\\Shared\\Images\\tmpin.jpg",
0
 
snehanshuAuthor Commented:
jnhorst,
  Thanks for your comment.
  Your comment helped us understand the problem and we have made changes to the design based on this understanding.
Thanks again,
...Shu
0
 
jnhorstCommented:
Glad to help.

John
0
 
snehanshuAuthor Commented:
John,
  May I ask a follow-up question please?
  If I want to use option 3, can you tell me how to do it?
  I would like to take take the windows username and password from a database and execute the file access code under that user (security context or whatever it is called).
  I know that for windows based application, we have APIs to impersonate a certain user and execute parts of code as a different user. Are there any web-equivalents of this: that only certain part of my code is executed as a partucluar username/password that I know (have as string variables)?

...Shu
0
 
jnhorstCommented:
You can do this (having certain code running under a particular user's account) in a COM+ application that you instantiate in your web app, but I have not done this in .NET, only back in old school asp.  But if you want to use a certain account for a web app (the whole app), you can do this:

<identity impersonate="true" username="userslogin" password="password" />

I do not like doing this (putting secure info in a clear text file that exists on the server) but it can be done.

John
0
 
snehanshuAuthor Commented:
Thanks again John!
We will try this.
...Shu
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.