Solved

Reading a file into a buffer from in asp.net: error "Logon failure: unknown user name or bad password."

Posted on 2004-10-06
9
901 Views
Last Modified: 2008-01-09
Hello experts!
  We are facing an interesting problem.
  We have some tiff image files located on a remote shared folder, say
\\172.23.45.66\Shared\Images
  Only specific logins are given access to this folder.
  Now, on my webpage, if I place an image control, and set its src value as follows:
  myImg.Src = @"\\172.23.45.66\Shared\Images\tmpin.jpg";"

  Then the code works and the image is displayed.
  But, If we try to read the image into a buffer as follows:

byte[] buf = null;
System.IO.FileStream fs = new System.IO.FileStream(myImg.Src, System.IO.FileMode.Open, System.IO.FileAccess.Read);

buf = new byte[fs.Length];
fs.Read(buf, 0, buf.Length);
fs.Close();

  then we get the following error:
"Logon failure: unknown user name or bad password. "

  It is very important that we load the file into a buffer.
  So, can some one suggest what could be the problem and how it can be solved?
  Note that it is not possible for us to create additional shares or virtual Web folders for the file directory, because the address can be anything that the user has rights to: it is not necessarily one single folder.
  So, we are looking for a generic solution to load a file into a buffer from an ASP .net page if the current windows user has rights to access the folder.
Looking forward to your help.
Thanks,
...Shu
0
Comment
Question by:snehanshu
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 17

Expert Comment

by:AerosSaga
ID: 12236893
Dim r As New StreamReader(file1.PostedFile.InputStream())
        Dim strBuffer As String = r.ReadToEnd
       
        'DO SOMETHING HERE WITH strBuffer
       
        r.Close()
0
 
LVL 17

Expert Comment

by:AerosSaga
ID: 12236909
<form runat="server" enctype="multipart/form-data" ID="Form2">
  <P>
    <input type="file" id="file1" runat="server" NAME="file1">
  </P>
  <P>
    <asp:Button id="btn1" runat="server" text="Upload" onclick="upload" />
  </P>
</form>

--------------------------------------------------------------------------------------

Imports System.Data
Imports System.Data.SqlClient

Public Sub Upload(ByVal sender As Object, ByVal e As System.EventArgs)
        Dim b(file1.PostedFile.InputStream.Length - 1) As Byte

        file1.PostedFile.InputStream.Read(b, 0, file1.PostedFile.InputStream.Length)

        Dim con As New SqlConnection(ConfigurationSettings.AppSettings("ConnectionStringSQL"))

        Dim sql As String = "INSERT INTO MY_TABLE(MyID, DATABLOB) VALUES(1,@BlobData) "
        Dim cmd As New SqlCommand(sql, con)

        Dim parmBlob As New SqlParameter("@BlobData", SqlDbType.VarBinary, _
                     b.Length, ParameterDirection.Input, False, 0, _
                     0, Nothing, DataRowVersion.Current, b)
                     
        cmd.Parameters.Add(parmBlob)

        con.Open()
        cmd.ExecuteNonQuery()
        con.Close()
End Sub

Aeros
0
 
LVL 15

Expert Comment

by:praneetha
ID: 12237839
System.IO.FileStream fs = new System.IO.FileStream(@"\\172.23.45.66\Shared\Images\tmpin.jpg", System.IO.FileMode.Open, System.IO.FileAccess.Read);

try hardcoding it for a while...

also try (@"\\172.23.45.66\\Shared\\Images\\tmpin.jpg",
0
 
LVL 10

Accepted Solution

by:
jnhorst earned 500 total points
ID: 12238941
What kind of authentication is involved with the website?  If you are allowing anonymous connections, there are two possibilities:

1) If you do not have <identity impersonate="true" /> in web.config, the code that is trying to read the file into a buffer is trying it under the security context of the local ASPNET account (local to the machine running IIS).  That account will surely not have permissions on the network share.

2) If you do have <identity impersonate="true" /> in web.config and are allowing anonymous connections, the code is being executed in the context of the local account that IIS is using to authenticate anonymous requests.  This is usually named IUSR_<machine name>.  You can check this by opening the IIS Admin application, clicking the Directory Security tab and then the Edit button for the section on anonymous requests.

The problem here is that both IUSR_... and ASPNET are local accounts (local to the box running IIS) and would not have permissions on a network share.  A third option exists if you are autheticating the user using Windows or Forms authentication.  Under that scenario, if <identity impersonate="true" /> is NOT in web.config, #1 above applies; the local ASPNET account is being used.  If you DO have <identity impersonate="true" /> in web.config, then the code is executing under the security context of the authenticated user.

So if you are allowing anonymous requests and want the image to load into the buffer regardless of which user is requesting the page, you'll want to do the following:

1) Create a domain or Active Directory account that will only be used for anonymous requests to the IIS box.  Go to the IIS Admin utility and reset the account that authenticates anonymous requests to use that account instead of the local IUSR_... account.

2) Give this new account read permissions on the network share.

3) Make sure <identity impersonate="true" /> is in web.config.

John
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 5

Author Comment

by:snehanshu
ID: 12284057
jnhorst,
  Thanks for your comment.
  Your comment helped us understand the problem and we have made changes to the design based on this understanding.
Thanks again,
...Shu
0
 
LVL 10

Expert Comment

by:jnhorst
ID: 12284138
Glad to help.

John
0
 
LVL 5

Author Comment

by:snehanshu
ID: 12284229
John,
  May I ask a follow-up question please?
  If I want to use option 3, can you tell me how to do it?
  I would like to take take the windows username and password from a database and execute the file access code under that user (security context or whatever it is called).
  I know that for windows based application, we have APIs to impersonate a certain user and execute parts of code as a different user. Are there any web-equivalents of this: that only certain part of my code is executed as a partucluar username/password that I know (have as string variables)?

...Shu
0
 
LVL 10

Expert Comment

by:jnhorst
ID: 12287531
You can do this (having certain code running under a particular user's account) in a COM+ application that you instantiate in your web app, but I have not done this in .NET, only back in old school asp.  But if you want to use a certain account for a web app (the whole app), you can do this:

<identity impersonate="true" username="userslogin" password="password" />

I do not like doing this (putting secure info in a clear text file that exists on the server) but it can be done.

John
0
 
LVL 5

Author Comment

by:snehanshu
ID: 12294817
Thanks again John!
We will try this.
...Shu
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Multiple file Upload asp.net 2 38
ASP.net VB.net Load contents of a GridView  to Excel 2 27
Server Error 11 47
Receiving a string from a WebService Push 21 32
Today is the age of broadband.  More and more people are going this route determined to experience the web and it’s multitude of services as quickly and painlessly as possible. Coupled with the move to broadband, people are experiencing the web via …
A quick way to get a menu to work on our website, is using the Menu control and assign it to a web.sitemap using SiteMapDataSource. Example of web.sitemap file: (CODE) Sample code to add to the page menu: (CODE) Running the application, we wi…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.
A short film showing how OnPage and Connectwise integration works.

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now