Solved

Can't create or write to a file w/ASP.NET: UnauthorizedAccessException

Posted on 2007-03-19
3
894 Views
Last Modified: 2013-11-07
I have a C# ASP.NET 2.0 application that needs to write some simple logging records to an XML file in the bin directory under the www root.  If I attempt to create or write to the file, I get an UnauthorizedAccessException.  (Access to the path 'D:\webadmin\www\bin\test.xml' is denied).  My server administrator says the ASP.NET user has write access to the bin directory, and I'm not sure what else the problem could be.

My testing code...  this code is compiled code-behind in the bin directory (same directory I'm trying to write to) and the ASPX page is up one directory (under the root).


filepath = @"D:\webadmin\www\bin\test.xml"
if (!File.Exists(filepath)) {
      File.Create(filepath); //Error is thrown here.
}
0
Comment
Question by:justdriveon
3 Comments
 
LVL 22

Accepted Solution

by:
_TAD_ earned 300 total points
ID: 18748756
Here is the standard Microsoft solution to that error:

ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.

To grant ASP.NET write access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.


<---->

If you are certain that all of these steps have been followed, try to uncheck and recheck the security access values and be sure to go into the advanced button and check the box that allows those security settings to propigate to all sub-folders and files.
0
 
LVL 3

Assisted Solution

by:Kate12
Kate12 earned 200 total points
ID: 18753233
You can easily add ACL to your file prior to creating it:

http://msdn2.microsoft.com/en-us/library/system.security.accesscontrol.filesystemaccessrule.aspx

You can even use Thread.CurrentPrincipal.Identity.Name to add your current thread Principal to either the parent folder or the File Prior creation. You can also use:

FileSecurity fileSecurity = new FileSecurity(fileName, AccessControlSections.All);
File.Create(fileName, 4089, FileOptions.None, fileSecurity);

O look at FolderSecurity to give access to the entire folder

HTH
0
 
LVL 2

Author Comment

by:justdriveon
ID: 18755526
Even though the I had read and used the error description for this error as reiterated by _TAD_, his comment prompted me to go back to my server guy and tell him to look again.  Turns out he was checking permissions on the wrong website.  Isn't it nice when the problem is someone else's rather than your own?

I am also giving Kate12 points because when googling this problem I could not find anything about these FileSecurity/FolderSecurity classes, only Active Directory Server as in this arcticle: http://support.microsoft.com/kb/899553/EN-US/.  So even though I didn't use it, I probably would have been able to solve the problem this way.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

For those of you who don't follow the news, or just happen to live under rocks, Microsoft Research released a beta SDK (http://www.microsoft.com/en-us/download/details.aspx?id=27876) for the Xbox 360 Kinect. If you don't know what a Kinect is (http:…
Performance in games development is paramount: every microsecond counts to be able to do everything in less than 33ms (aiming at 16ms). C# foreach statement is one of the worst performance killers, and here I explain why.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now