locked
ASP.NET is not authorized to access the requested resource !!!!!!!!!!!!!!!!!!!!! RRS feed

  • Question

  • User-1160826939 posted

    Hi,

    I know that the problem which I am facing is very basic one and there are so many answers posted here. My problem is that I tried all those solution without any luck.

    Problem Description:

    I have one page where I am allowing user to upload .xls file. I am storing these files on server in a folder. I have given full access to one admin user for this folder. I have also added <identity impersonate="true" userName="domain\adminuser" password="password" /> line in web config.

    In addition to above I have also changed IUSR to admin user in IIS.

    After doing all above still its giving me following exception when I try to upload .xls file on the server.

    Server Error in '/' Application.

    Access to the path 'D:\ELI Test URL\ELI Portal\Temp\TestData.xls' is denied.

    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

    Exception Details: System.UnauthorizedAccessException: Access to the path 'D:\ELI Test URL\ELI Portal\Temp\TestData.xls' is denied.

    ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.

    To grant ASP.NET access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.

    Source Error:

    Line 64:         string strUploadFile = fldCustomerRegionsCopy.PostedFile.FileName.ToString().Substring(fldCustomerRegionsCopy.PostedFile.FileName.LastIndexOf("\\") + 1);
    Line 65: 
    Line 66:         fldCustomerRegionsCopy.PostedFile.SaveAs(Server.MapPath("Temp") + fldCustomerRegionsCopy.PostedFile.FileName.ToString().Substring(fldCustomerRegionsCopy.PostedFile.FileName.LastIndexOf("\\")));        
    Line 67: 
    Line 68:         //filePath = fldCustomerRegionsCopy.PostedFile.FileName.ToString();

    Note: Same page works on my laptop (Windows XP) but not on my test server (Windows 2003 Server). Only difference between these machines is that Test server has Active Directory installed on it.

    Any expert comments?

    Thanks in advance

    Regards,

    ND

     

    Friday, January 11, 2008 1:06 AM

Answers

  • User-952121411 posted

    Well I think the problem stems from leaving 'Anonymous Access' checked in IIS, even with the username/password you provided for the anonymous user.

    What I believe you need to do is un-check anonymous user and use 'Integrated Windows Authentication'  Make sure in the web.config you have this set too:

    <authentication mode="Windows" />

    At this point your other line in the web.config dictates impersonation, and your impersonated user credentials will be used.  The problem I think lies in the use of 'Anonymous Acess' in IIS.  It seems that you are on a domain so this should work.  Just beware that the entire app will run under those admins credentials that you want to be impersonated.  If that admin has elevated rights it could be a security risk.

    Also, a way to test who is being impersonated prior to saving off the file is to add this line to your code and see the name of the user:

    System.Security.Principal.WindowsIdentity.GetCurrent.Name()

     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, January 11, 2008 11:32 AM

All replies

  • User-1994791518 posted

    Hi,

    Try this
    Open IIS manager then select  Web site  , expand web site and select folder .
    Right click on folder and then click Properties.
    In Directory tab give write permission.

    Friday, January 11, 2008 2:02 AM
  • User-1160826939 posted

    Tried that without any luck :(

    Thanks for your interest,

    Regards,

    ND

    Friday, January 11, 2008 5:15 AM
  • User-952121411 posted

    Well I think the problem stems from leaving 'Anonymous Access' checked in IIS, even with the username/password you provided for the anonymous user.

    What I believe you need to do is un-check anonymous user and use 'Integrated Windows Authentication'  Make sure in the web.config you have this set too:

    <authentication mode="Windows" />

    At this point your other line in the web.config dictates impersonation, and your impersonated user credentials will be used.  The problem I think lies in the use of 'Anonymous Acess' in IIS.  It seems that you are on a domain so this should work.  Just beware that the entire app will run under those admins credentials that you want to be impersonated.  If that admin has elevated rights it could be a security risk.

    Also, a way to test who is being impersonated prior to saving off the file is to add this line to your code and see the name of the user:

    System.Security.Principal.WindowsIdentity.GetCurrent.Name()

     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, January 11, 2008 11:32 AM
  • User-1160826939 posted

    Thanks atconway,

    I have already unchecked 'anonymous access' and checked 'integrated windows authentication' option in IIS.

    I am using Forms authentication so my web config says,

    <authentication mode="Forms">

    Any other options?

    Regards,

    ND

    Monday, January 21, 2008 8:33 AM
  • User1164866317 posted

    Error is:

    Retrieving the COM class factory for component with CLSID {000209FF-0000-0000-C000-000000000046} failed due to the following error: 80070005.
    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

    Exception Details: System.UnauthorizedAccessException: Retrieving the COM class factory for component with CLSID {000209FF-0000-0000-C000-000000000046} failed due to the following error: 80070005.

    ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.

    To grant ASP.NET access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.

    The solution in my case was to add the following to the web.config:

    <system.web>
    <identity impersonate="true" userName="administrator" password="xxxxxxx" />

    </system.web>
     

    from: http://forum.katarincic.com/Default.aspx?g=posts&t=194 

    This also worked for me. 

    Tuesday, July 26, 2011 1:23 AM