I've the following issue
I've a windows application
It calls a remote web service (for authentication)
It in turns call a web service (in the same remote machine) (to get a licensed file)
It saves the licensed file in All Users/Application Data in the system where the application is running
Which permission is used for saving the file in the Application Data folder? Either the web service's or the currently logged windows user's?
Update #1
So, i'm not able to save the license as the web service call is throwing a save error. How can i check the permissions of the folder?
Here is the code for creating my folder
licensePath = System.IO.Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData), "MyApp");
if (!Directory.Exists(licensePath))
Directory.CreateDirectory(licensePath);
Update #2
If i try to save it in the application's path itself (in bin/debug while debugging the application), it is working fine. Any ideas? I've tried just "C:\test" too. It's not working.
Thank you.
Regards
NLV
It will save the file with the permissions of the user that is running the windows application (which can be different from the logged in user - see RunAs).
The permission the windows application is running in.
Related
I've got an MVC site that i've published to a remote server running IIS, but I've got a problem with the site where I can upload documents to a folder (on that server, within the site header folder) via the site, but I get an "Access is denied" error whenever I try to read that same document.
At first I thought it may have been a simple permissions problem, but I checked the security on the folder and it's showing full control to domain users on it, and when I run the project locally through Visual Studio I can open it up without any problems.
I assumed it may be something to do with the context of the site running under IIS, but I don't know if the changes need to be made in IIS or on the folder permissions themselves.
Can someone help?
EDIT
I'm opening the file using Process.Start like:
System.Diagnostics.Process.Start("FilePath");
EDIT 2
I've edited the app pool that the site is running on and set it to allow the process to interact with the desktop, but this has not worked. I have also tried setting the App Pool to load the user profile based on suggestions I found elsewhere but that has not worked either. The only other suggestion i've found is to set the App Pool identity to "Local System", but people have said this is a security risk so I don't want to do this unless necessary.
I recently hosted a MVC application on machine and in solution I have a folder UploadedDocuments which i wants to secure. Actually when i browse URL like www.xyz.com/UploadedDocument it lists all the file even i didn't login to website
Note: Using Microsoft Interop for PDF conversion of docs in this directory.
wants to restrict the users who can browse folder but if a url with file name in folder and a user on website that is loggedin can access only with specified url
like www.xyz.com/UploadedDocument/abc.docx(except www.xyz.com/UploadedDocument)
thanks in advance!
In IIS, ensure that directory browsing is disabled.
On the file system, remove read access for any "normal" user accounts or groups, and have only the app pool account that IIS is running under with modify access to the folder (ie the "iis apppool\[MyApplication]" account).
You say you're using Microsoft interop for conversion. Is the conversion happening within the MVC application, or do you have another application / service performing the conversion? If the latter, also ensure that whatever account is running the other application / service has access to modify the folder.
I have developed one web application in c#(asp.net) and hosted in a server(say Server1). The application want the read and write access to a folder located in another server(network path) say server2. I can open the folder from server1 in windows explorer by typing the network path. But in application no access error is occurring(System.Unauthorisedexception). I dont know what access to which user I want to provide? Please help me.
Run your web application under an account that can access the folder on server2. Change the Identity of the Application Pool; more details at https://technet.microsoft.com/en-us/library/cc771170(v=ws.10).aspx.
I would like to know if it is possible to open a directory from intranet MVC application ? I have been searching about it but i don't found anything.
I tried to open from javascript using window.open('url') but i get unauthorized access.
Thanks,
Tiago MourĂ£o
IMPOSSIBLE !!!
web browsers does not have allow web pages to access to disk drives.
web pages only can read/write cookies.
FileUpload control allow access to the files, only with user action(scripts no allowed).
I found a way to do resolve this problem. If you create a background process using Process.Start('location'), the application opens directory folder.
Tips:
Process.Start() generally used in windows application and if used in
web applications, a process will start on server(not on user agent
that run current page).
you get unauthorized access error, because of IUser has limited
access ...
1) Web Applications can read/write any file and folders on server side with assigning permission.
2) WebApplication with Some sideway can access to file & folders in web pages (client side) !!!
with JavaScripts:
Write a browser add-on with requested functionality, then install on
user agent(browser).
now with call method/function in add-on, you can do the operations
that does not allowed with JavaScript & etc.
with VBScript(Obsoleted) that run/supported only in MsIE:
can using FileSystemObject to full access files and folders.
can using CreateObject to create instance of each object in OS and
working with it.
Finally my answer is IMPOSSIBLE.
To begin with, I developed a web application which reads an XML file from specific location and displays the contents on editable web page of the application,which is executed perfectly when the XML file is on the same machine/computer. When I try to read the same file on different computer on the network I cannot read the contents onto my web page.
My Observation:
When I access that file from run window in the computer by entering \xxx.xxx.xx.xx\c$ it gives me the window to connect to the machine asking for credentials and I guess the session is open. So I close the window and when I access the xml file from the web application it's able to read the content.
Is there a way to bypass this authentication mechanism which is part of windows when I use my web app to read the XML file or is there a way to accommodate the extra step to configure the authentication in my application?
I would be glad if someone can guide me to the solution.
Check the user your web application is running under and if this user is also permitted to access this location.
If you are using IIS to host the page you have to check the "AppPool" user and also the users which are used at the "Web Site" and "Application"
Just change IIS application pool user to "enough rights" user (right click current app pool - advanced settings - identity) or specify impersonation in the same name section in web.config.
Could it be possible to change your logic,
By storing file from different network to local machine where your code is running, through uploading file and process it.