Solved

Can't create or write to a file w/ASP.NET: UnauthorizedAccessException

Posted on 2007-03-19
3
905 Views
Last Modified: 2013-11-07
I have a C# ASP.NET 2.0 application that needs to write some simple logging records to an XML file in the bin directory under the www root.  If I attempt to create or write to the file, I get an UnauthorizedAccessException.  (Access to the path 'D:\webadmin\www\bin\test.xml' is denied).  My server administrator says the ASP.NET user has write access to the bin directory, and I'm not sure what else the problem could be.

My testing code...  this code is compiled code-behind in the bin directory (same directory I'm trying to write to) and the ASPX page is up one directory (under the root).


filepath = @"D:\webadmin\www\bin\test.xml"
if (!File.Exists(filepath)) {
      File.Create(filepath); //Error is thrown here.
}
0
Comment
Question by:justdriveon
3 Comments
 
LVL 22

Accepted Solution

by:
_TAD_ earned 300 total points
ID: 18748756
Here is the standard Microsoft solution to that error:

ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.

To grant ASP.NET write access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.


<---->

If you are certain that all of these steps have been followed, try to uncheck and recheck the security access values and be sure to go into the advanced button and check the box that allows those security settings to propigate to all sub-folders and files.
0
 
LVL 3

Assisted Solution

by:Kate12
Kate12 earned 200 total points
ID: 18753233
You can easily add ACL to your file prior to creating it:

http://msdn2.microsoft.com/en-us/library/system.security.accesscontrol.filesystemaccessrule.aspx

You can even use Thread.CurrentPrincipal.Identity.Name to add your current thread Principal to either the parent folder or the File Prior creation. You can also use:

FileSecurity fileSecurity = new FileSecurity(fileName, AccessControlSections.All);
File.Create(fileName, 4089, FileOptions.None, fileSecurity);

O look at FolderSecurity to give access to the entire folder

HTH
0
 
LVL 2

Author Comment

by:justdriveon
ID: 18755526
Even though the I had read and used the error description for this error as reiterated by _TAD_, his comment prompted me to go back to my server guy and tell him to look again.  Turns out he was checking permissions on the wrong website.  Isn't it nice when the problem is someone else's rather than your own?

I am also giving Kate12 points because when googling this problem I could not find anything about these FileSecurity/FolderSecurity classes, only Active Directory Server as in this arcticle: http://support.microsoft.com/kb/899553/EN-US/.  So even though I didn't use it, I probably would have been able to solve the problem this way.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Easy filter aspnet 2 25
asp Google Map 2 32
Where does legacy ASP.NET initialize language? 2 22
How to filter by key press ? 6 20
Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
Real-time is more about the business, not the technology. In day-to-day life, to make real-time decisions like buying or investing, business needs the latest information(e.g. Gold Rate/Stock Rate). Unlike traditional days, you need not wait for a fe…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question