Just a quick question, where do I put the exe that I am trying to launch in an ASP project? It cant see it in the bin folder.
You need to pass a full path to Process.Start:
Process.Start(Server.MapPath("~/bin/whatever.exe"));
However, ~/bin/ is meant for .Net assemblies; it's generally better to put external EXEs in ~/App_Data/.
Note that you can only execute programs on the server, not the client.
Remember that your Website is running on a server so if you Shell anything (Process.Start in an ASP.Net application) it will be opened on the Server - not the Client PC.
Be sure you test this in production and when you do shell processes on a server (which I would not advise) dont forget to close them, otherwise you will end up with strange errors on the server.
To avoid security concerns and multiple process running in parallel. from asp page i would rather prefer to queue up the request for process start in some table than have other process like windows service in background to pick it up from queue and execute.
Path.Combine(Server.MapPath(Request.ApplicationPath), "PathToExeFromWWWRoot");
Related
I have an ASP.NET Web API in which I am trying to download a ZIP file through a controller - say, DownloadZipController.
For generating this ZIP file, my controller method calls a factory method createandGetZip which launches an exe and waits for the EXE to finish its execution. When the EXE produces the ZIP it is passed to the factory method createandGetZip. This ZIP generation takes some time - around 2 minutes.
I have hosted this web api on IIS server with the AppPool identity as LOCALSYSTEM.
My question is: is this the best way to launch an EXE from my code hosted on IIS server? Or is there any other way to launch the EXE from the code without giving AppPool identity as LOCALSYSTEM as I have read that this may lead to a security breach.
Please advise me on the best possible way or just a way better than what I am currently using.
I believe this is fine in practice (I do this often with DoScan.exe, the Symantec virus scanner). Try to guard against the external process spinning forever, and limit the app pool security rights on the EXE, if that matters to you.
Also, of course, make sure you know what the EXE is doing.
I have an ASP.NET MVC website which clients post files to as part of an order process. These files can be up to 200MB. I have a need to transfer these files to another server via FTP. I don't really want to burden IIS with this. So was thinking of writing c# app to handle the file transfer which ran every x minutes and use windows service to run it.
Would this be an ok solution or is there something that could handle this for me already?
If I wrote the application should I let windows service handle the scheduling i.e. start the app every x minutes or should I just get it start the app on say startup and let the app handle the sleep/wakeup.
I was envisaging something quite rudimentary. Using SQL to track what needs uploading and has been uploaded. Are there any other considerations particular to a window service?
The website runs on iis8 on a windows 2012 vps.
One architecture tip -- use a simple executable and a scheduled task rather than write a service. You don't need to worry about memory leakage over months then.
You could probably implement this without writing any code -- you can script ftp.exe pretty effectively. I'd just script it to push all the files, and then, presuming FTP.EXE exited with 0, to clean out the uploads folder and rinse and repeat.
I want to run an exe on client system from my c# asp.net website. When I use Process.Start()
it throws an error:
The requested operation requires elevation.
How do I set permissions to run that exe?
You can't spawn processes on the client machine from server-side code.
When you use Process.Start in server-side code, it is attempting to execute the process there, on the server where the website is hosted. If you wanted to create processes on the clients computer then you would need to expose a download for them (and not in employing subterfuge, like malign sites might do to install software - supply it gracefully, and normally (and with permission)), or a Silverlight application or something along those lines.
The bottom line is that the code you want to execute (even if that is just to spawn a process) must reside on the client, and be executed there.
You can't run an application from a web server like that. You will have to have the user download the application by supplying the EXE, a setup file or using ClickOnce.
Or you can develop an ActiveX control that you can have the browser automatically download from a Trusted Internet Zone.
Once downloaded, proper signing with a certificate (signed from the trusted (corporate) root certificate) will avoid the user getting a prompt to ask whether he wishes to allow the ActiveX control to install/be activated -
The ActiveX control can subsequently do anything the interactively logged on user could. This means that to actually install a program you'd need to elevate (UAC on Vista+); But if the goal was just to run a standalone executable, you should be good to go.
This all assumes white-hat purposes in a (larger) corporate setting, because it relies on PKI infrastructure and central browser policies, to name just two.**
This would, really, lead to some excellent questions on serverfault or superuser
I noticed you said you wanted to run an exe file on the client, but you didn't say explicitly that the exe is on the server and you want to push it to the client. Everyone seems to be assuming that is the case.
You CAN accomplish this fairly easily with a small JavaScript if you have a few prerequisites:
The executable is already present on the client machine.
All of your clients are running IE
You can enforce a policy to put your site in the Intranet or Trusted
Sites zone.
So basically this means it's a corporate intranet application. I am assuming this is probably the case since, well, if you were expecting to do this with a public app, I would be surprised.
For the script to accomplish this, please see my answer to this question:
How can I get a program on a client machine to run from an ASP.NET page?
There is a Web Service installed on Amazon Server. Exposed WebMethod should start an executable. But, it seems that process (executable) started by WebMethod has not permissions to finish its job. If a WebMethod is called locally (using IE on Amazon VM) I can trace some events into log file placed on the path: C:\\LogFiles. But, if it is called from remote machine, there is no even log files. Locally, on my machine all works fine.
The question: is there any way or settings in IIS7 to allow to my WebService to create process that can do everything I want to do? In web.config file I added a line:
<identity impersonate="true" userName="USERNAME" password="password"/>
(userName and password are, of course, written correctly in the file).
Also, I tried to use impersonization as it is explained here, but there is no result. My process can't do its job, it cannot even trace actions into log file. Locally, on my machine, everything works fine.
Any idea how to change settings or whatever into IIS7?
EDIT: In addition to the main question: my WebService is not able even to create log files on the path: C:\\LogFiles - although it is able if it started locally, but remotely there is no simple log file that contains some string. How to allow it to create simple text files?
If all else fails, you may start such a process separately and make it wait for a signal. You can supply a signal in many ways — via an IP socket, via a mailslot, via a named pipe. The web service will post requests to the command pipe (or queue), and the 'executor' process will pop commands, execute them, and wait for more commands.
You should avoid trying to start external processes from ASP.NET - if anything, because your application will then be running under the context of the ASP.NET account. (Yes, you could use impersonation to launch into another account, but, lets not go there)
Instead, install a Windows Service which can receive a signal* to launch the executable you wish.
This has the advantage that you can customise what account the service runs under, without putting passwords inside your code.
(*) Signalling could be achieved through a number of means:
WCF Service Call (using a WCF Service being hosted by the Windows service)
Monitoring for a filesystem change to a known directory.
If you were using Linux, I would have given you the smartest solution ever, setting SUID flag, which is not possible in Windows.
The problem with impersonation is that it works as soon as you have some control over the server machine, more than having appropriate credentials.
You mentioned Amazon VM: I'm pretty certain that they won't allow, for security reasons, to perfrom impersonation. [Add] Or, better, they won't allow anybody to write in C:\
Option 1
Switch to Mono/Linux, set SUID bit using chmod from console and rock!!
Option 2
If you can run the executable other way than ASP.NET (ie. you have a Remote Desktop, SSH*) as privileged account (note: privileged doesn't mean Administrator) then you can redesign your application to have ASP.NET invoke services from your daemon process using WCF, Web Services or Remoting. But, in this case, you have to redesign your executable to be a stand-alone server.
[Add] None of the solution fix if your hosting provider doesn't allow you to write in paths such as C:\, but only allows you to write under your home directory.
*It works on Windows too!!!! And I mean the server!!!
I have an (console, .NET 3.5, C#) application that I'm trying to call from a Windows Server (2003, with .NET 3.5) from a system (Windows server 2003 with .NET 2.0) via a scheduler (the scheduler app is called 24x7, it's a script based scheduler, in this case, it calls the executable strait up, no parameters, etc).
The issue is when it tries to call it, it sees it as a file and tries to "download" it. I've tried running the app from the command prompt, only to get the same results. I've tried everything I can think of, even writing a launchpad type application and using that to call the app, but I get the same results every time.
Am I missing something? Is there a security flag or something I've overlooked? I've never seen this before.
Edit: Sorry, forgot to mention that the app is being called via full UNC path (\myserver\myfolder\myapp.exe)
hmm.... how exactly are you "calling" this application? via SMB? (i.e. by executing the command \\myserver\sharepath\foo.exe from a command line)
If so, your application doesn't run with the same permissions and you can run into code access issues, but that'll come as an error message, rather than a file download.
The fact that you're getting a file download leads me to believe that you're trying to "run" the console application over http, but I don't have enough information to know for sure, hence my question.