I'm developing an ASP.NET (webforms) web application only for our intranet company.
I've a network share / repository, say Z:\MyRepository\ , obviously outside c:\inetpub\wwwroot.
I need to "serve" these files from my web application.
My question is:
Which permissions I need to add to Z:\MyRepository\ . IIS_USR ? Others ?
How to send file ? Using Response.Transmit ?
Thanks
Normally the app pool user which your application is running under will be the user which needs access on the file share.
To simplify things in your application, you could also create a virtual directory in IIS and map it to the file share. This has a number of advantages, but mainly:
It makes it simpler to reference files from within the application.
If the network path changes, you only need to update your virtual directory.
You can also specify a different user for the virtual directory to use.
Related
This relates to my previous post.
https://stackoverflow.com/questions/45937117/c-sharp-unbale-to-access-
downloads-folder?noredirect=1#comment78832001_45937117
What I want is to access "Downloads" folder from an ASP.Net web application.
string pathUser =
Environment.GetFolderPath(Environment.SpecialFolder.UserProfile);
string pathDownload = Path.Combine(pathUser, "Downloads");
string commentImagePath =pathDownload +"\\test.png";
Then I realized that the above code works in a Desktop application.
That is the UserProfile is available in that "Environment", but not in the web application's environment.
I have some download happening, and the content will be downloaded to the "Downloads" folder.
That is why I need the "Downloads" folder . I need to access that content.
Please help me with this.
Think that the Downloads folder is different for each user in the system , so you'll get c:\users\usera\downloads and c:\users\userb\downloads. So when you mean Downloads, you actually mean a different physical path.
At the same time, your ASP .NET application, if hosted in IIS will impersonate a specific user, so make sure that user has enough privileges to the path of interest. Also consider that the Downloads folder might be a folder that Windows will protect by default from being accessed across accounts.
I think you'd be better off saving files to a specific folder relative to your root of the website. Otherwise try to map specific folders from your drive as a Virtual Directory in IIS so the site would see it as relative to root, whilst in reality it lives somewhere else.
I recently hosted a MVC application on machine and in solution I have a folder UploadedDocuments which i wants to secure. Actually when i browse URL like www.xyz.com/UploadedDocument it lists all the file even i didn't login to website
Note: Using Microsoft Interop for PDF conversion of docs in this directory.
wants to restrict the users who can browse folder but if a url with file name in folder and a user on website that is loggedin can access only with specified url
like www.xyz.com/UploadedDocument/abc.docx(except www.xyz.com/UploadedDocument)
thanks in advance!
In IIS, ensure that directory browsing is disabled.
On the file system, remove read access for any "normal" user accounts or groups, and have only the app pool account that IIS is running under with modify access to the folder (ie the "iis apppool\[MyApplication]" account).
You say you're using Microsoft interop for conversion. Is the conversion happening within the MVC application, or do you have another application / service performing the conversion? If the latter, also ensure that whatever account is running the other application / service has access to modify the folder.
So I have an ASP.net project hosted on Azure that runs.exe executables supplied by users.
Think of it like an online web terminal simulator.
I'm running the submitted exe's with Process.Start().
How do I specify access restrictions when running a user-provided executable.
For example, I want to sandbox the execution in a particular directory so that a malicious exe will not be able to see or copy my files in other locations.
And I want the exe process to time out after say 5 mins so it does not hold up my process pool.
Basically, I want to run the exe in a very controlled, secure environment and at the first sign of it doing anything fishy I kill it.
What'd be the best way to do this in an ASP.net project hosted on Azure?
This will explain how to use the AppDomain class to sandbox the application.
And this will explain how to load the executable into the AppDomain.
Please notice this will work for .NET executables only.
Good luck!
There is very little documentation on this but, in Windows Azure Websites (PAAS)
your website located here :
d:\home\site\wwwroot
which actually mapping for :
C:\DWASFiles\Sites\[your website name]
you can't access any parent folder above that folder in C: partition in Azure Websites. But yes you have full access to other drives. (D:)
Windows Azure Websites is a managed solution, so you will have less control over the deployment or access restrictions. For more fine grained control over the deployment\impose access restrictions I suggest adopting Windows Azure Virtual Machines\Web Roles.
Hope the above info helps !! Happy Coding.
We have two separate web applications for a site: One for the site itself, and one for the cms/administration side. I'm not sure why the original developer designed it this way, but whatever.
I am tasked with adding some functionality to the administration side that uploads files. These files then need to exist within the folder structure of the actual site. I was thinking I might have to write a web service that sits on the actual site that accepts the file bytes and file name from a call within the administration site, and creates the file in the correct folder, but I was wondering if anyone had any ideas about a cleaner way to accomplish the same thing.
In general, how would you tackle a scenario where you upload a file on one site, and send it to the directory structure in another?
Thanks in advance!
The solution I ended up going with is to store the full file path to the other site in the web.config. It's not the most elegant solution, but it works and I'm mildly happy with it since it is easily maintainable across dev/staging/production.
You could create a Windows Service to transfer the uploaded files from one folder to another.
After a file is uploaded on the admin site, the windows service moves the file over to the correct location on the other site. You just need to decide how to communicate with the service - you could add details about the uploaded file to a message queue that the service monitors or perhaps you windows service might just watch the upload folder for any new files.
Can you access a Virtual Directory outside of an ASP.NET site?
For example, in a Console application?
I would configure ftp folder under iis which is pointing to that mentioned directory and then using ftp protocol and windows or active directory user give some application access rights to it. Dose it solve youre issue? By using ftp connection you can do anything you want in that directory by any program you want. Of course as long as this program is able to use frp protocol. Or insted of it you can log remotly to that host using microsoft tool named psexec and run for exzample some but on you target host. There are many possibiliteis.
You can find some ready and usefull code in C# or vb.net which is implementing ftp client on google.
Off the top of my head..Have you already looked into System.DirectoryServices namespace for this. That should also include reading/writing virtual directories. Let me know If this helps.
I'm confused on what you mean by "access"? Are you trying to access the:
physical files that are stored in the Virtual Directory (Ftp/UNC/Webdav access via file services)
Virtual Directory with a view to manage it and change its properties (using the Microsoft.Web.Administration assembly)
data that the Virtual Directory presents (Web services/Scraping etc.)
I think you need to be a little clearer with your question if you want a useful answer.
We use mapped drives and permissions setup on the App Pool for the application to access other directories on other servers.