MDauphinais1
asked on
ASP File Upload FileSystemObject Permission Denied
I cannot seem to wrap my head around this so I need some help.
Ultimately, I need to upload a file with ASP to a remote file store server (all within my corporate network - just a different server from the web server).
First, I am using FreeASPUpload to do the upload - found on the web for free and shown below.
Second, I have a virtual directory set up on IIS pointing to the remote file share. The anonymous permissions are configured for a domain account that has Read/Write/Modify access to the remote file server.
I have the upload script working perfectly when uploading to the web server. When I tried changing it to the virtual directory I kept getting Permission Denied and I could not figure out why. After some reading about the FreeASPUpload script I found out that it cannot upload to a virtual directory, for whatever reason. They blame it on the ADODB.Stream procedure.
So I am trying to create a work-a-round. What I did was upload the file to the local web server - which works fine - and then I am using FileSystemObject to copy the file to the virtual directory and delete it from the web server. In essence I am using the web server as a transfer point.
If I just take the FileSystemObject code attached and run it independently as its own script, in its own web browser window, the file gets copied to the virtual directory and deleted from the web server just fine. However, if I try to run the script as part of the FreeASPUpload procedure or even from within the same browser window I get "Permission Denied".
So I was thinking that for some reason the file upload was doing something to the permissions on my session so the IIS server no longer knew who I was (even though it is suppose to be using the anonymous user account specified) which doesn't make any sense. So I tried running the FreeASPUpload script, and then using JavaScript to popup a new browser window to run the FileSystemObject script and then close the browser window. I still get Permission Denied in the popup page. But if I take the URL from the popup page and manually open a new browser window, paste the URL and hit enter the code runs fine. I even tried delaying the opening of the popup page thinking the upload might be taking a second that that didn't help.
I cannot figure this out and it is driving me nuts. Any ideas?
Ultimately, I need to upload a file with ASP to a remote file store server (all within my corporate network - just a different server from the web server).
First, I am using FreeASPUpload to do the upload - found on the web for free and shown below.
Second, I have a virtual directory set up on IIS pointing to the remote file share. The anonymous permissions are configured for a domain account that has Read/Write/Modify access to the remote file server.
I have the upload script working perfectly when uploading to the web server. When I tried changing it to the virtual directory I kept getting Permission Denied and I could not figure out why. After some reading about the FreeASPUpload script I found out that it cannot upload to a virtual directory, for whatever reason. They blame it on the ADODB.Stream procedure.
So I am trying to create a work-a-round. What I did was upload the file to the local web server - which works fine - and then I am using FileSystemObject to copy the file to the virtual directory and delete it from the web server. In essence I am using the web server as a transfer point.
If I just take the FileSystemObject code attached and run it independently as its own script, in its own web browser window, the file gets copied to the virtual directory and deleted from the web server just fine. However, if I try to run the script as part of the FreeASPUpload procedure or even from within the same browser window I get "Permission Denied".
So I was thinking that for some reason the file upload was doing something to the permissions on my session so the IIS server no longer knew who I was (even though it is suppose to be using the anonymous user account specified) which doesn't make any sense. So I tried running the FreeASPUpload script, and then using JavaScript to popup a new browser window to run the FileSystemObject script and then close the browser window. I still get Permission Denied in the popup page. But if I take the URL from the popup page and manually open a new browser window, paste the URL and hit enter the code runs fine. I even tried delaying the opening of the popup page thinking the upload might be taking a second that that didn't help.
I cannot figure this out and it is driving me nuts. Any ideas?
/// FILESYSTEMOBJECT CODE ///
<%
Dim uploadsDirRemote, uploadsDirLocal, filename
uploadsDirLocal = Server.MapPath("\") & "\Public\doc_transfer\"
If request.querystring("interface") = "Event" Then
uploadsDirRemote = Server.MapPath("/Remote/public_files/") & "\DeptStorage\Files\" & request.querystring("id") & "\"
End If
filename = request.querystring("filename")
response.write uploadsDirRemote
'### CREATE REMOTE STORAGE FOLDER ###
Set fs = Server.CreateObject("Scripting.FileSystemObject")
If fs.FolderExists(uploadsDirRemote) = true then
'Folder already exists, do not create folder
Else
fs.createfolder(uploadsDirRemote)
End If
'### TRANSFER TEMP FILE TO REMOTE STORAGE ###
Set f = fs.GetFile(uploadsDirLocal & filename)
f.Copy uploadsDirRemote & "\" & filename,true
Set f = Nothing
'### DELETE TEMP FILE ###
fs.CreateTextFile uploadsDirLocal & filename,True
If fs.FileExists(uploadsDirLocal & filename) then
fs.DeleteFile(uploadsDirLocal & filename)
End If
Set fs = Nothing
Response.Write("<SCRIPT>window.close()</SCRIPT>")
%>
/// FREEASPUPLOAD CODE ///
<%@ Language=VBScript %>
<%
option explicit
Response.Expires = -1
Server.ScriptTimeout = 600
%>
<!-- #include file="..\database_connect\mssql_connect.asp" -->
<%
Class FreeASPUpload
Public UploadedFiles
Public FormElements
Private VarArrayBinRequest
Private StreamRequest
Private uploadedYet
Private Sub Class_Initialize()
Set UploadedFiles = Server.CreateObject("Scripting.Dictionary")
Set FormElements = Server.CreateObject("Scripting.Dictionary")
Set StreamRequest = Server.CreateObject("ADODB.Stream")
StreamRequest.Type = 1 'adTypeBinary
StreamRequest.Open
uploadedYet = false
End Sub
Private Sub Class_Terminate()
If IsObject(UploadedFiles) Then
UploadedFiles.RemoveAll()
Set UploadedFiles = Nothing
End If
If IsObject(FormElements) Then
FormElements.RemoveAll()
Set FormElements = Nothing
End If
StreamRequest.Close
Set StreamRequest = Nothing
End Sub
Public Property Get Form(sIndex)
Form = ""
If FormElements.Exists(LCase(sIndex)) Then Form = FormElements.Item(LCase(sIndex))
End Property
Public Property Get Files()
Files = UploadedFiles.Items
End Property
'Calls Upload to extract the data from the binary request and then saves the uploaded files
' ///// START OF CUSTOM CODE /////
Public Function FilesSave(path, linkid, interface)
Dim streamFile, fileItem, SQL, record_check, rs, total, rs1, SQL1, doctitle
doctitle = Request.QueryString("title")
if Right(path, 1) <> "\" then path = path & "\"
if not uploadedYet then Upload
For Each fileItem In UploadedFiles.Items
Set streamFile = Server.CreateObject("ADODB.Stream")
streamFile.Type = 1
streamFile.Open
StreamRequest.Position=fileItem.Start
StreamRequest.CopyTo streamFile, fileItem.Length
streamFile.SaveToFile path & fileItem.FileName, 2
streamFile.close
Set streamFile = Nothing
Response.Write "<SCRIPT type='text/javascript'>self.setTimeout('window.open(\'../Modules/upload_sub.asp?id=" & linkid & "&interface=" & interface & "&filename=" & fileItem.FileName & "&title=" & doctitle & "&size=" & fileItem.Length & "\');$(\'#uploading\').hide();$(\'#fileresults\').show();', 10000)</SCRIPT>"
'Response.Redirect "../Modules/upload_sub.asp?id=" & linkid & "&interface=" & interface & "&filename=" & fileItem.FileName & "&title=" & doctitle & "&size=" & fileItem.Length
response.write "<span id=fileresults><br><B>File uploaded successfully!</B><br><br><br><table><tr><td><u>File Details</u><br>"
response.write "File Title: " & doctitle & "<br>File Name: " & fileItem.FileName & " <br>File Size: " & fileItem.Length & " Bytes</td></tr></table></span>"
Next
End Function
' ///// END OF CUSTOM CODE /////
Public Function SaveBinRequest(path) ' For debugging purposes
StreamRequest.SaveToFile path & "\debugStream.bin", 2
End Function
Public Sub DumpData() 'only works if files are plain text
Dim i, aKeys, f
response.write "Form Items:<br>"
aKeys = FormElements.Keys
For i = 0 To FormElements.Count -1 ' Iterate the array
response.write aKeys(i) & " = " & FormElements.Item(aKeys(i)) & "<BR>"
Next
response.write "Uploaded Files:<br>"
For Each f In UploadedFiles.Items
response.write "Name: " & f.FileName & "<br>"
response.write "Type: " & f.ContentType & "<br>"
response.write "Start: " & f.Start & "<br>"
response.write "Size: " & f.Length & "<br>"
Next
End Sub
Private Sub Upload()
Dim nCurPos, nDataBoundPos, nLastSepPos
Dim nPosFile, nPosBound
Dim sFieldName, osPathSep, auxStr
'RFC1867 Tokens
Dim vDataSep
Dim tNewLine, tDoubleQuotes, tTerm, tFilename, tName, tContentDisp, tContentType
tNewLine = Byte2String(Chr(13))
tDoubleQuotes = Byte2String(Chr(34))
tTerm = Byte2String("--")
tFilename = Byte2String("filename=""")
tName = Byte2String("name=""")
tContentDisp = Byte2String("Content-Disposition")
tContentType = Byte2String("Content-Type:")
uploadedYet = true
on error resume next
VarArrayBinRequest = Request.BinaryRead(Request.TotalBytes)
if Err.Number <> 0 then
response.write "<br><br><B>System reported this error:</B><p>"
response.write Err.Description & "<p>"
response.write "The most likely cause for this error is the incorrect setup of AspMaxRequestEntityAllowed in IIS MetaBase. Please see instructions in the <A HREF='http://www.freeaspupload.net/freeaspupload/requirements.asp'>requirements page of freeaspupload.net</A>.<p>"
Exit Sub
end if
on error goto 0 'reset error handling
nCurPos = FindToken(tNewLine,1) 'Note: nCurPos is 1-based (and so is InstrB, MidB, etc)
If nCurPos <= 1 Then Exit Sub
'vDataSep is a separator like -----------------------------21763138716045
vDataSep = MidB(VarArrayBinRequest, 1, nCurPos-1)
'Start of current separator
nDataBoundPos = 1
'Beginning of last line
nLastSepPos = FindToken(vDataSep & tTerm, 1)
Do Until nDataBoundPos = nLastSepPos
nCurPos = SkipToken(tContentDisp, nDataBoundPos)
nCurPos = SkipToken(tName, nCurPos)
sFieldName = ExtractField(tDoubleQuotes, nCurPos)
nPosFile = FindToken(tFilename, nCurPos)
nPosBound = FindToken(vDataSep, nCurPos)
If nPosFile <> 0 And nPosFile < nPosBound Then
Dim oUploadFile
Set oUploadFile = New UploadedFile
nCurPos = SkipToken(tFilename, nCurPos)
auxStr = ExtractField(tDoubleQuotes, nCurPos)
' We are interested only in the name of the file, not the whole path
' Path separator is \ in windows, / in UNIX
' While IE seems to put the whole pathname in the stream, Mozilla seem to
' only put the actual file name, so UNIX paths may be rare. But not impossible.
osPathSep = "\"
if InStr(auxStr, osPathSep) = 0 then osPathSep = "/"
oUploadFile.FileName = Right(auxStr, Len(auxStr)-InStrRev(auxStr, osPathSep))
if (Len(oUploadFile.FileName) > 0) then 'File field not left empty
nCurPos = SkipToken(tContentType, nCurPos)
auxStr = ExtractField(tNewLine, nCurPos)
' NN on UNIX puts things like this in the streaa:
' ?? python py type=?? python application/x-python
oUploadFile.ContentType = Right(auxStr, Len(auxStr)-InStrRev(auxStr, " "))
nCurPos = FindToken(tNewLine, nCurPos) + 4 'skip empty line
oUploadFile.Start = nCurPos-1
oUploadFile.Length = FindToken(vDataSep, nCurPos) - 2 - nCurPos
If oUploadFile.Length > 0 Then UploadedFiles.Add LCase(sFieldName), oUploadFile
End If
Else
Dim nEndOfData
nCurPos = FindToken(tNewLine, nCurPos) + 4 'skip empty line
nEndOfData = FindToken(vDataSep, nCurPos) - 2
If Not FormElements.Exists(LCase(sFieldName)) Then
FormElements.Add LCase(sFieldName), String2Byte(MidB(VarArrayBinRequest, nCurPos, nEndOfData-nCurPos))
else
FormElements.Item(LCase(sFieldName))= FormElements.Item(LCase(sFieldName)) & ", " & String2Byte(MidB(VarArrayBinRequest, nCurPos, nEndOfData-nCurPos))
end if
End If
'Advance to next separator
nDataBoundPos = FindToken(vDataSep, nCurPos)
Loop
StreamRequest.Write(VarArrayBinRequest)
End Sub
Private Function SkipToken(sToken, nStart)
SkipToken = InstrB(nStart, VarArrayBinRequest, sToken)
If SkipToken = 0 then
Response.write "Error in parsing uploaded binary request."
Response.End
end if
SkipToken = SkipToken + LenB(sToken)
End Function
Private Function FindToken(sToken, nStart)
FindToken = InstrB(nStart, VarArrayBinRequest, sToken)
End Function
Private Function ExtractField(sToken, nStart)
Dim nEnd
nEnd = InstrB(nStart, VarArrayBinRequest, sToken)
If nEnd = 0 then
Response.write "Error in parsing uploaded binary request."
Response.End
end if
ExtractField = String2Byte(MidB(VarArrayBinRequest, nStart, nEnd-nStart))
End Function
'String to byte string conversion
Private Function Byte2String(sString)
Dim i
For i = 1 to Len(sString)
Byte2String = Byte2String & ChrB(AscB(Mid(sString,i,1)))
Next
End Function
'Byte string to string conversion
Private Function String2Byte(bsString)
Dim i
String2Byte =""
For i = 1 to LenB(bsString)
String2Byte = String2Byte & Chr(AscB(MidB(bsString,i,1)))
Next
End Function
End Class
Class UploadedFile
Public ContentType
Public Start
Public Length
Public Path
Private nameOfFile
' Need to remove characters that are valid in UNIX, but not in Windows
Public Property Let FileName(fN)
nameOfFile = fN
nameOfFile = SubstNoReg(nameOfFile, "\", "_")
nameOfFile = SubstNoReg(nameOfFile, "/", "_")
nameOfFile = SubstNoReg(nameOfFile, ":", "_")
nameOfFile = SubstNoReg(nameOfFile, "*", "_")
nameOfFile = SubstNoReg(nameOfFile, "?", "_")
nameOfFile = SubstNoReg(nameOfFile, """", "_")
nameOfFile = SubstNoReg(nameOfFile, "<", "_")
nameOfFile = SubstNoReg(nameOfFile, ">", "_")
nameOfFile = SubstNoReg(nameOfFile, "|", "_")
End Property
Public Property Get FileName()
FileName = nameOfFile
End Property
'Public Property Get FileN()ame
End Class
' Does not depend on RegEx, which is not available on older VBScript
' Is not recursive, which means it will not run out of stack space
Function SubstNoReg(initialStr, oldStr, newStr)
Dim currentPos, oldStrPos, skip
If IsNull(initialStr) Or Len(initialStr) = 0 Then
SubstNoReg = ""
ElseIf IsNull(oldStr) Or Len(oldStr) = 0 Then
SubstNoReg = initialStr
Else
If IsNull(newStr) Then newStr = ""
currentPos = 1
oldStrPos = 0
SubstNoReg = ""
skip = Len(oldStr)
Do While currentPos <= Len(initialStr)
oldStrPos = InStr(currentPos, initialStr, oldStr)
If oldStrPos = 0 Then
SubstNoReg = SubstNoReg & Mid(initialStr, currentPos, Len(initialStr) - currentPos + 1)
currentPos = Len(initialStr) + 1
Else
SubstNoReg = SubstNoReg & Mid(initialStr, currentPos, oldStrPos - currentPos) & newStr
currentPos = oldStrPos + skip
End If
Loop
End If
End Function
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script type="text/javascript" src="../java/jquery-1.2.6.min.js"></script>
<script type="text/javascript" src="../java/ajax.js"></script>
<script type="text/javascript" src="../java/functions.js"></script>
<link rel="stylesheet" href="../style/default.css">
</head>
<% If Request.QueryString("tabupdated") = 2 Then %>
<body onload='$("#fileselected").hide();$("#fileresults").hide();'>
<% Else %>
<body onload='$("#fileselected").hide();'>
<% End If %>
<%
' *********************** START VARIABLE EDIT ***********************
Dim uploadsDirRemote, uploadsDirLocal
uploadsDirLocal = Server.MapPath("\") & "\Public\doc_transfer"
' ************************ END VARIABLE EDIT ************************
function OutputForm()
%>
<% Response.Write "<form name='frmSend' method='POST' enctype='multipart/form-data' action='#'>" %>
<center><br><br>
Enter a file description: <input type="text" size=35 name="doctitle"><br><br>
Select a document: <input type="button" value="Browse..." class="btn" onmouseover="this.className='btn btnhov'" onmouseout="this.className='btn'"/><input name="attach1" type="file" size=35 class="hidebrowse" onchange="$('#fileselected').show();">
<span id="fileselected"><img src="../images/checkmark.gif" border="0" height="16" width="16"></span>
<br><br>
<input style="margin-top:4" type=button value="Upload File" onclick="fileuploadverify_events();" class="btn" onmouseover="this.className='btn btnhov'" onmouseout="this.className='btn'"/>
</form>
</center>
<%
end function
function SaveFiles
Dim Upload, fileName, fileSize, ks, i, fileKey, fs, f
Set Upload = New FreeASPUpload
Upload.FilesSave uploadsDirLocal, request.querystring("id"), "Event"
' If something fails inside the script, but the exception is handled
If Err.Number<>0 then Exit function
SaveFiles = ""
ks = Upload.UploadedFiles.keys
if (UBound(ks) <> -1) then
'
else
SaveFiles = "<br>The file you have entered does not appear to be valid or already exists. Please select another file."
end if
end function
%>
<%
Dim diagnostics
if Request.ServerVariables("REQUEST_METHOD") <> "POST" then
response.write "<div align=""center"">"
OutputForm()
response.write "</div>"
else
response.write "<div align=""center"">"
OutputForm()
If Request.QueryString("tabupdated") = 2 Then
response.write SaveFiles()
%>
<span id="uploading">
<div align="center"><font size="2" face="Arial, Helvetica, sans-serif">
<image src="../images/indicator.gif" border="0"> <i>Uploading File... Please Wait.</i>
</font></div>
</span>
<%
End If
response.write "<br><br></div>"
End If
%>
</body>
</html>
ASKER
Thanks for the response. But like I said in my post:
"I have a virtual directory set up on IIS pointing to the remote file share. The anonymous permissions are configured for a domain account that has Read/Write/Modify access to the remote file server. "
I am aware of the anonymous user issue on IIS. I already took care of that by using a domain account. The issue I am experiencing is not chronic. If I independently call FileSystemObject to create or move a file to the remote server, it works fine. This tells me the permissions are good. However, if I try to upload to the remove server, I get Permission Denied, Write File Error or a blank response but no upload.
If I upload to the local web server instead, it works fine. Then if I try to call the FileSystemObject for any reason on the remove server, create folder, move file, etc. within a few minutes from when the upload occured I will get Permission Denied, Write File Error, etc. on the remove server. If I literally sit and wait for several minutes after the upload occurs and try the FileSystemObject call again, whatever I was trying to do will run fine.
The upload script is not changing any rights (at least not intentionally) so this is very perplexing.
"I have a virtual directory set up on IIS pointing to the remote file share. The anonymous permissions are configured for a domain account that has Read/Write/Modify access to the remote file server. "
I am aware of the anonymous user issue on IIS. I already took care of that by using a domain account. The issue I am experiencing is not chronic. If I independently call FileSystemObject to create or move a file to the remote server, it works fine. This tells me the permissions are good. However, if I try to upload to the remove server, I get Permission Denied, Write File Error or a blank response but no upload.
If I upload to the local web server instead, it works fine. Then if I try to call the FileSystemObject for any reason on the remove server, create folder, move file, etc. within a few minutes from when the upload occured I will get Permission Denied, Write File Error, etc. on the remove server. If I literally sit and wait for several minutes after the upload occurs and try the FileSystemObject call again, whatever I was trying to do will run fine.
The upload script is not changing any rights (at least not intentionally) so this is very perplexing.
Sorry for the mis-understanding.
Two things come to mind.
Since you need to access a "remote" network resource make sure that you have impersonation enabled for this directory/site in IIS, otherwise I believe the credentials default to the anonumous machine account, despite what is being used in IIS for anonymous.
The other thing that comes to mind is that it might be trying to use the application pool ID as oppsed to the anonymous account. You can try changing the logon ID of the app pool to the domain account and see if this works ... I believe you will still need to have impersonation enabled for the site for this to work.
http://msdn.microsoft.com/en-us/library/134ec8tc(VS.80).aspx
Two things come to mind.
Since you need to access a "remote" network resource make sure that you have impersonation enabled for this directory/site in IIS, otherwise I believe the credentials default to the anonumous machine account, despite what is being used in IIS for anonymous.
The other thing that comes to mind is that it might be trying to use the application pool ID as oppsed to the anonymous account. You can try changing the logon ID of the app pool to the domain account and see if this works ... I believe you will still need to have impersonation enabled for the site for this to work.
http://msdn.microsoft.com/en-us/library/134ec8tc(VS.80).aspx
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If you are copying the file from one server to another using an ASP file then IIS is using the anonymous account of the web server to execute the code. This being the case IUSR_<server name> being a local account on the server does not have permissions to any network resources.
THe easiest way to do this is to create a local account on the IIS server and one on the file server with the same name and password (or use a domain account if both machines are members of the same domain) and then grant the account appropriate NTFS and share persmissions on the file server and over ride the anonymous ID for the directory (or you might be able to do it at the file level and do it just for this page) with the ID and PW that you just created. Then when the page runs it will run under that new ID which should now have permissions to access the remote server and directory.