Solved

Can't create or write to a file w/ASP.NET: UnauthorizedAccessException

Posted on 2007-03-19
3
902 Views
Last Modified: 2013-11-07
I have a C# ASP.NET 2.0 application that needs to write some simple logging records to an XML file in the bin directory under the www root.  If I attempt to create or write to the file, I get an UnauthorizedAccessException.  (Access to the path 'D:\webadmin\www\bin\test.xml' is denied).  My server administrator says the ASP.NET user has write access to the bin directory, and I'm not sure what else the problem could be.

My testing code...  this code is compiled code-behind in the bin directory (same directory I'm trying to write to) and the ASPX page is up one directory (under the root).


filepath = @"D:\webadmin\www\bin\test.xml"
if (!File.Exists(filepath)) {
      File.Create(filepath); //Error is thrown here.
}
0
Comment
Question by:justdriveon
3 Comments
 
LVL 22

Accepted Solution

by:
_TAD_ earned 300 total points
ID: 18748756
Here is the standard Microsoft solution to that error:

ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.

To grant ASP.NET write access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.


<---->

If you are certain that all of these steps have been followed, try to uncheck and recheck the security access values and be sure to go into the advanced button and check the box that allows those security settings to propigate to all sub-folders and files.
0
 
LVL 3

Assisted Solution

by:Kate12
Kate12 earned 200 total points
ID: 18753233
You can easily add ACL to your file prior to creating it:

http://msdn2.microsoft.com/en-us/library/system.security.accesscontrol.filesystemaccessrule.aspx

You can even use Thread.CurrentPrincipal.Identity.Name to add your current thread Principal to either the parent folder or the File Prior creation. You can also use:

FileSecurity fileSecurity = new FileSecurity(fileName, AccessControlSections.All);
File.Create(fileName, 4089, FileOptions.None, fileSecurity);

O look at FolderSecurity to give access to the entire folder

HTH
0
 
LVL 2

Author Comment

by:justdriveon
ID: 18755526
Even though the I had read and used the error description for this error as reiterated by _TAD_, his comment prompted me to go back to my server guy and tell him to look again.  Turns out he was checking permissions on the wrong website.  Isn't it nice when the problem is someone else's rather than your own?

I am also giving Kate12 points because when googling this problem I could not find anything about these FileSecurity/FolderSecurity classes, only Active Directory Server as in this arcticle: http://support.microsoft.com/kb/899553/EN-US/.  So even though I didn't use it, I probably would have been able to solve the problem this way.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

ASP.Net to Oracle Connectivity Recently I had to develop an ASP.NET application connecting to an Oracle database.As I am doing it first time ,I had to solve several problems. This article will help to such developers  to develop an ASP.NET client…
Performance in games development is paramount: every microsecond counts to be able to do everything in less than 33ms (aiming at 16ms). C# foreach statement is one of the worst performance killers, and here I explain why.
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now