File.Open not working under Windows 2008R2 IIS with Admin Credentials. Works under VS2010 Cassini_问答_开发者

File.Open not working under Windows 2008R2 IIS with Admin Credentials. Works under VS2010 Cassini

开发者 https://www.devze.com 2023-02-06 17:32 出处：网络

The following code works fine under Cassini, but not at all under IIS. I get file not found, and am unable to get files on a remote share, or locally when I tested C:\\test.pdf (to test IIS permission

The following code works fine under Cassini, but not at all under IIS. I get file not found, and am unable to get files on a remote share, or locally when I tested C:\test.pdf (to test IIS permissions)

The intent of this application is to make a HTTP proxy that will allow files to be retrieved through a secure URL. The security code has been omitted from this sample. I'm just focusing on file access in this plain-vanilla sample.

I've made sure that the

Application pool (Process Model Identity) is running a Domain Admin account
Website Physical Path Credentials are running under the same admin account
The admin account has both Batch and Run as a Service rights in the local policy.

I access the WCF service using the following URL

http://localhost:1651/services/GetFile.svc/get?swt=\\remoteserver\share\file.pdf

[ServiceContract(SessionMode = SessionMode.NotAllowed)]
public interface IGetFile
{
    [OperationContract]
    [WebGet(UriTemplate = "/get?swt={filename}", RequestFormat = WebMessageFormat.Xml, ResponseFormat = WebMessa开发者_运维问答geFormat.Xml, BodyStyle = WebMessageBodyStyle.Bare)]
    Stream Get(string filename); 
}


 [ServiceBehavior(InstanceContextMode = InstanceContextMode.Single)]
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]
public class GetFile : IGetFile
{
    bool debug = true;

    public Stream Get(string filename )
    {
        //this will cause the file dialog to show the file name instead of "get" 
        WebOperationContext.Current.OutgoingResponse.Headers.Add( "Content-disposition", string.Format("inline; filename={0}", filename));
        WebOperationContext.Current.OutgoingResponse.ContentType = "application/octect-stream";

        FileStream fs1= null;

        //WindowsIdentity winId = new WindowsIdentity("aamankow@nfp.com");
        //using (winId.Impersonate())
        {
            try
            {
                fs1 = File.OpenRead(filename);
            }
            catch (FileNotFoundException e)
            {
                if (debug)
                throw;
                else
                return null;
            }
            catch (IOException e)
            {
                if (debug)
                throw;
                else
                // message: Either a required impersonation level was not provided, or the provided impersonation level is invalid.
                return null;
            }
        }

        return fs1;

Under your test system and cassini, you're running as your own user account, which has permissions to the root of the C:\ drive. Under IIS, you're running under a special account which does not have permissions to the root of the C:\ drive. It's poor practice to place files needed for your web site at this location.

The code above doesn't work on version 3.5... just 4.0

Changing the app pool to 4.0 fixed the issue, and allowed me to read from any UNC