I have an ASP.NET website which is using a filestream to read in a PDF image from a UNC share on a remote server 2003 box.
i attempt to load the file on the site (which simply embeds a PDF viewer on the site) but when i debug the code, it's throwing a security exception when i attempt开发者_如何学Go to access the file.
access to _________ path is denied.
So I granted access to the UNC path directory to the ASPNET user. I also granted access to the user that's specified for anonymous access in the site itself in IIS. That did not work.
However, I when grant "everybody" access and the file comes through.
So, I need to know WHO is trying to access the file. the assumption is either the ASPNET user or the anonymous user setup in IIS. neither of which is gaining access.
I tried to set up file auditing on the Server 2003 box but it's not logging a failure in the security event log when I get an access denied exception.
System.Security.Principal.WindowsIdentity.GetCurrent().Name
will get you the current user name, you could output this user to the screen or to a log file to check who it is.
The ASPNET user is the windows account that ASP.NET runs under, this is probably not the user who will be accessing the file. You may need to explicitly grant privileges to the anonymous user to access the network (IUSR_MACHINENAME perhaps).
EDIT:
As you have enabled anonymous access in IIS, you can force your app to use anonymous access by modifying your web.config to use Forms authentication. Search for '
<authentication mode="Forms" />
or
<authentication mode="Forms">
<forms loginUrl="~/Login.aspx" timeout="2880"/>
</authentication>
I realized the issue I was having. For some reason it was the NETWORK SERVICE that was trying to access the file rather than ASPNET or IUSR. I granted read access to the NETWORK SERVICE to that directory and all is well. Thanks again.
精彩评论