Hi all,

I have the following code:

When an user upload a logo from Content Management System(which needs an
userid and password to login to upload files, but this user has an admin
permission of the server).
He got the following error message:

Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information about
the error and where it originated in the code.

Exception Details: System.UnauthorizedAccessException: Access to the path
'c:\Content\Images\Logos\34.jpg' is denied.

ASP.NET is not authorized to access the requested resource. Consider
granting access rights to the resource to the ASP.NET request identity.
ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or
Network Service on IIS 6) that is used if the application is not
impersonating. If the application is impersonating via <identity
impersonate="true"/>, the identity will be the anonymous user (typically
IUSR_MACHINENAME) or the authenticated request user.

To grant ASP.NET access to a file, right-click the file in Explorer, choose
"Properties" and select the Security tab. Click "Add" to add the appropriate
user or group. Highlight the ASP.NET account, and check the boxes for the
desired access.

Line 471: //byte[] data = new byte[fileLength];

Line 472: //f.InputStream.Read(data, 0, fileLength);

Line 473: f.SaveAs(Server.MapPath("~/Content/Images/Logos/" +
UserState.CmsSalesStorage.Data.Client.ClientID + ".jpg"));

Line 474: }

Line 475:



Source File: c:\Cms\Sales\ClientSetup.aspx.cs Line: 473
But I don't get it since this is not an anonymous user case. Is it because
of file permission we didn't set in the code?

The line 473 code I presented as follow:

void SaveLogo()
{
if (fileUpload.HasFile)
{
HttpPostedFile f = fileUpload.PostedFile;
//int fileLength = f.ContentLength;
//byte[] data = new byte[fileLength];
//f.InputStream.Read(data, 0, fileLength);
f.SaveAs(Server.MapPath("~/Content/Images/Logos/" +
UserState.CmsSalesStorage.Data.Client.ClientID + ".jpg")); //this is line 473
}

}
--
Betty

Hi all,

The interesting part is this user can upload logo in the CMS system for
other web sites(Same userid and password), but not specifically for this
site. That means code for uploading file in the system is the same, but not
the same site.
Does that mean the sites are configured differently?

--
Betty


"c676228" wrote:

> Hi all,
>
> I have the following code:
>
> When an user upload a logo from Content Management System(which needs an
> userid and password to login to upload files, but this user has an admin
> permission of the server).
> He got the following error message:
>
> Description: An unhandled exception occurred during the execution of the
> current web request. Please review the stack trace for more information about
> the error and where it originated in the code.
>
> Exception Details: System.UnauthorizedAccessException: Access to the path
> 'c:\Content\Images\Logos\34.jpg' is denied.
>
> ASP.NET is not authorized to access the requested resource. Consider
> granting access rights to the resource to the ASP.NET request identity.
> ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or
> Network Service on IIS 6) that is used if the application is not
> impersonating. If the application is impersonating via <identity
> impersonate="true"/>, the identity will be the anonymous user (typically
> IUSR_MACHINENAME) or the authenticated request user.
>
> To grant ASP.NET access to a file, right-click the file in Explorer, choose
> "Properties" and select the Security tab. Click "Add" to add the appropriate
> user or group. Highlight the ASP.NET account, and check the boxes for the
> desired access.
>
> Line 471: //byte[] data = new byte[fileLength];
>
> Line 472: //f.InputStream.Read(data, 0, fileLength);
>
> Line 473: f.SaveAs(Server.MapPath("~/Content/Images/Logos/" +
> UserState.CmsSalesStorage.Data.Client.ClientID + ".jpg"));
>
> Line 474: }
>
> Line 475:
>
>
>
> Source File: c:\Cms\Sales\ClientSetup.aspx.cs Line: 473
> But I don't get it since this is not an anonymous user case. Is it because
> of file permission we didn't set in the code?
>
> The line 473 code I presented as follow:
>
> void SaveLogo()
> {
> if (fileUpload.HasFile)
> {
> HttpPostedFile f = fileUpload.PostedFile;
> //int fileLength = f.ContentLength;
> //byte[] data = new byte[fileLength];
> //f.InputStream.Read(data, 0, fileLength);
> f.SaveAs(Server.MapPath("~/Content/Images/Logos/" +
> UserState.CmsSalesStorage.Data.Client.ClientID + ".jpg")); //this is line 473
> }
>
> }
> --
> Betty

Hi all,

These two sites do have different IP addresses.

Does that mean the configuration for these two IPs could make differences?
That's the only thing I can think of since all directory configured the same
with this userID and password.
--
Betty


"c676228" wrote:

> Hi all,
>
> The interesting part is this user can upload logo in the CMS system for
> other web sites(Same userid and password), but not specifically for this
> site. That means code for uploading file in the system is the same, but not
> the same site.
> Does that mean the sites are configured differently?
>
> --
> Betty
>
>
> "c676228" wrote:
>
> > Hi all,
> >
> > I have the following code:
> >
> > When an user upload a logo from Content Management System(which needs an
> > userid and password to login to upload files, but this user has an admin
> > permission of the server).
> > He got the following error message:
> >
> > Description: An unhandled exception occurred during the execution of the
> > current web request. Please review the stack trace for more information about
> > the error and where it originated in the code.
> >
> > Exception Details: System.UnauthorizedAccessException: Access to the path
> > 'c:\Content\Images\Logos\34.jpg' is denied.
> >
> > ASP.NET is not authorized to access the requested resource. Consider
> > granting access rights to the resource to the ASP.NET request identity.
> > ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or
> > Network Service on IIS 6) that is used if the application is not
> > impersonating. If the application is impersonating via <identity
> > impersonate="true"/>, the identity will be the anonymous user (typically
> > IUSR_MACHINENAME) or the authenticated request user.
> >
> > To grant ASP.NET access to a file, right-click the file in Explorer, choose
> > "Properties" and select the Security tab. Click "Add" to add the appropriate
> > user or group. Highlight the ASP.NET account, and check the boxes for the
> > desired access.
> >
> > Line 471: //byte[] data = new byte[fileLength];
> >
> > Line 472: //f.InputStream.Read(data, 0, fileLength);
> >
> > Line 473: f.SaveAs(Server.MapPath("~/Content/Images/Logos/" +
> > UserState.CmsSalesStorage.Data.Client.ClientID + ".jpg"));
> >
> > Line 474: }
> >
> > Line 475:
> >
> >
> >
> > Source File: c:\Cms\Sales\ClientSetup.aspx.cs Line: 473
> > But I don't get it since this is not an anonymous user case. Is it because
> > of file permission we didn't set in the code?
> >
> > The line 473 code I presented as follow:
> >
> > void SaveLogo()
> > {
> > if (fileUpload.HasFile)
> > {
> > HttpPostedFile f = fileUpload.PostedFile;
> > //int fileLength = f.ContentLength;
> > //byte[] data = new byte[fileLength];
> > //f.InputStream.Read(data, 0, fileLength);
> > f.SaveAs(Server.MapPath("~/Content/Images/Logos/" +
> > UserState.CmsSalesStorage.Data.Client.ClientID + ".jpg")); //this is line 473
> > }
> >
> > }
> > --
> > Betty

Hi Betty,

From your description ,you're encountering some access permision issue when
trying to upload some file in Content Management System application,
correct?

Based on my understanding, the "username/password" requirement for upload
file (in Content Management System ) should be a login identity(forms
authentication). This identify will ensure that the client user has the
right to perform the upload operation on the CMS application.

However, at CMS side, the actual code (which get the uploaded file and save
it into the certain folder) is running under the CMS application's
executing account. Generally, such web application like CMS/sharepoint is
ASP.NET based, it will run under an worker process account(configured via
IIS application pool in IIS6). I think it is this account which doesn't
have the sufficient permission to access the image folder on server(the
c:\Content\Images\Logos\ folder in your case).

I suggest you use "Process Monitor" to verify the file access issue on the
webserver:

#How to use Process Monitor to Resolve an UnauthorizedAccessException.
http://stackoverflow.com/questions/1...onitor-to-reso
lve-an-unauthorizedaccessexception

#Process Monitor v2.03
http://technet.microsoft.com/en-us/s.../bb896645.aspx

together with process monitor, you can also compare the two CMS application
to see whether they're using different worker process account( which make
one of them can save upload file correctly). For information about
IIS/ASP.NET worker process account and how to change them, see the
following articles:

#Changing Worker Process Identity in IIS 6
http://www.windowsnetworking.com/kba.../AdminTips/Net
work/ChangingWorkerProcessIdentityinIIS6.html

http://blogs.iis.net/thomad/archive/...-model-feature
s.aspx

#Configuring ASP.NET Process Identity
http://msdn.microsoft.com/en-us/library/dwc1xthy.aspx

If you have anything unclear, please feel free to let me know.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
(E-Mail Removed).

==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/en-us/subs...#notifications.

Note: MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 2 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions. Issues of this
nature are best handled working with a dedicated Microsoft Support Engineer
by contacting Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/en-us/subs.../aa948874.aspx
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.


--------------------
>From: =?Utf-8?B?YzY3NjIyOA==?= <(E-Mail Removed)>
>References: <5DDC82EB-1849-4C09-9D0E-(E-Mail Removed)>
<40076450-2B43-496B-89A8-(E-Mail Removed)>
>Subject: RE: Access to the path 'c:\Content\Images\Logos\34.jpg' is denied'
>Date: Tue, 13 Jan 2009 14:06:00 -0800

>
>Hi all,
>
>These two sites do have different IP addresses.
>
>Does that mean the configuration for these two IPs could make differences?
>That's the only thing I can think of since all directory configured the
same
>with this userID and password.
>--
>Betty
>
>
>"c676228" wrote:
>
>> Hi all,
>>
>> The interesting part is this user can upload logo in the CMS system for
>> other web sites(Same userid and password), but not specifically for this
>> site. That means code for uploading file in the system is the same, but
not
>> the same site.
>> Does that mean the sites are configured differently?
>>
>> --
>> Betty
>>
>>
>> "c676228" wrote:
>>
>> > Hi all,
>> >
>> > I have the following code:
>> >
>> > When an user upload a logo from Content Management System(which needs
an
>> > userid and password to login to upload files, but this user has an
admin
>> > permission of the server).
>> > He got the following error message:
>> >
>> > Description: An unhandled exception occurred during the execution of
the
>> > current web request. Please review the stack trace for more
information about
>> > the error and where it originated in the code.
>> >
>> > Exception Details: System.UnauthorizedAccessException: Access to the
path
>> > 'c:\Content\Images\Logos\34.jpg' is denied.
>> >
>> > ASP.NET is not authorized to access the requested resource. Consider
>> > granting access rights to the resource to the ASP.NET request
identity.
>> > ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS
5 or
>> > Network Service on IIS 6) that is used if the application is not
>> > impersonating. If the application is impersonating via <identity
>> > impersonate="true"/>, the identity will be the anonymous user
(typically
>> > IUSR_MACHINENAME) or the authenticated request user.
>> >
>> > To grant ASP.NET access to a file, right-click the file in Explorer,
choose
>> > "Properties" and select the Security tab. Click "Add" to add the
appropriate
>> > user or group. Highlight the ASP.NET account, and check the boxes for
the
>> > desired access.
>> >
>> > Line 471: //byte[] data = new byte[fileLength];
>> >
>> > Line 472: //f.InputStream.Read(data, 0, fileLength);
>> >
>> > Line 473: f.SaveAs(Server.MapPath("~/Content/Images/Logos/"
+
>> > UserState.CmsSalesStorage.Data.Client.ClientID + ".jpg"));
>> >
>> > Line 474: }
>> >
>> > Line 475:
>> >
>> >
>> >
>> > Source File: c:\Cms\Sales\ClientSetup.aspx.cs Line: 473
>> > But I don't get it since this is not an anonymous user case. Is it
because
>> > of file permission we didn't set in the code?
>> >
>> > The line 473 code I presented as follow:
>> >
>> > void SaveLogo()
>> > {
>> > if (fileUpload.HasFile)
>> > {
>> > HttpPostedFile f = fileUpload.PostedFile;
>> > //int fileLength = f.ContentLength;
>> > //byte[] data = new byte[fileLength];
>> > //f.InputStream.Read(data, 0, fileLength);
>> > f.SaveAs(Server.MapPath("~/Content/Images/Logos/" +
>> > UserState.CmsSalesStorage.Data.Client.ClientID + ".jpg")); //this is
line 473
>> > }
>> >
>> > }
>> > --
>> > Betty
>

Hi Steve,

Nice to hear from you again! It's like old friends chat online.

The information you provided here is very helpful.
I will try to find out why is that. I just don't have enough time to deal
with the issue right now since there is way around--ask the administrator to
manually move the file to the server.

The funny part is it worked fine before for everybody. Now the upload
application works for nobody. I don't know what kind of changes could
possibly cause that kind of behavior. As far as I know nobody in the
administration group will manually change the work process without our
request.

Thanks,
--
Betty


""Steven Cheng"" wrote:

> Hi Betty,
>
> From your description ,you're encountering some access permision issue when
> trying to upload some file in Content Management System application,
> correct?
>
> Based on my understanding, the "username/password" requirement for upload
> file (in Content Management System ) should be a login identity(forms
> authentication). This identify will ensure that the client user has the
> right to perform the upload operation on the CMS application.
>
> However, at CMS side, the actual code (which get the uploaded file and save
> it into the certain folder) is running under the CMS application's
> executing account. Generally, such web application like CMS/sharepoint is
> ASP.NET based, it will run under an worker process account(configured via
> IIS application pool in IIS6). I think it is this account which doesn't
> have the sufficient permission to access the image folder on server(the
> c:\Content\Images\Logos\ folder in your case).
>
> I suggest you use "Process Monitor" to verify the file access issue on the
> webserver:
>
> #How to use Process Monitor to Resolve an UnauthorizedAccessException.
> http://stackoverflow.com/questions/1...onitor-to-reso
> lve-an-unauthorizedaccessexception
>
> #Process Monitor v2.03
> http://technet.microsoft.com/en-us/s.../bb896645.aspx
>
> together with process monitor, you can also compare the two CMS application
> to see whether they're using different worker process account( which make
> one of them can save upload file correctly). For information about
> IIS/ASP.NET worker process account and how to change them, see the
> following articles:
>
> #Changing Worker Process Identity in IIS 6
> http://www.windowsnetworking.com/kba.../AdminTips/Net
> work/ChangingWorkerProcessIdentityinIIS6.html
>
> http://blogs.iis.net/thomad/archive/...-model-feature
> s.aspx
>
> #Configuring ASP.NET Process Identity
> http://msdn.microsoft.com/en-us/library/dwc1xthy.aspx
>
> If you have anything unclear, please feel free to let me know.
>
> Sincerely,
>
> Steven Cheng
>
> Microsoft MSDN Online Support Lead
>
>
> Delighting our customers is our #1 priority. We welcome your comments and
> suggestions about how we can improve the support we provide to you. Please
> feel free to let my manager know what you think of the level of service
> provided. You can send feedback directly to my manager at:
> (E-Mail Removed).
>
> ==================================================
> Get notification to my posts through email? Please refer to
> http://msdn.microsoft.com/en-us/subs...#notifications.
>
> Note: MSDN Managed Newsgroup support offering is for non-urgent issues
> where an initial response from the community or a Microsoft Support
> Engineer within 2 business day is acceptable. Please note that each follow
> up response may take approximately 2 business days as the support
> professional working with you may need further investigation to reach the
> most efficient resolution. The offering is not appropriate for situations
> that require urgent, real-time or phone-based interactions. Issues of this
> nature are best handled working with a dedicated Microsoft Support Engineer
> by contacting Microsoft Customer Support Services (CSS) at
> http://msdn.microsoft.com/en-us/subs.../aa948874.aspx
> ==================================================
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
> --------------------
> >From: =?Utf-8?B?YzY3NjIyOA==?= <(E-Mail Removed)>
> >References: <5DDC82EB-1849-4C09-9D0E-(E-Mail Removed)>
> <40076450-2B43-496B-89A8-(E-Mail Removed)>
> >Subject: RE: Access to the path 'c:\Content\Images\Logos\34.jpg' is denied'
> >Date: Tue, 13 Jan 2009 14:06:00 -0800
>
> >
> >Hi all,
> >
> >These two sites do have different IP addresses.
> >
> >Does that mean the configuration for these two IPs could make differences?
> >That's the only thing I can think of since all directory configured the
> same
> >with this userID and password.
> >--
> >Betty
> >
> >
> >"c676228" wrote:
> >
> >> Hi all,
> >>
> >> The interesting part is this user can upload logo in the CMS system for
> >> other web sites(Same userid and password), but not specifically for this
> >> site. That means code for uploading file in the system is the same, but
> not
> >> the same site.
> >> Does that mean the sites are configured differently?
> >>
> >> --
> >> Betty
> >>
> >>
> >> "c676228" wrote:
> >>
> >> > Hi all,
> >> >
> >> > I have the following code:
> >> >
> >> > When an user upload a logo from Content Management System(which needs
> an
> >> > userid and password to login to upload files, but this user has an
> admin
> >> > permission of the server).
> >> > He got the following error message:
> >> >
> >> > Description: An unhandled exception occurred during the execution of
> the
> >> > current web request. Please review the stack trace for more
> information about
> >> > the error and where it originated in the code.
> >> >
> >> > Exception Details: System.UnauthorizedAccessException: Access to the
> path
> >> > 'c:\Content\Images\Logos\34.jpg' is denied.
> >> >
> >> > ASP.NET is not authorized to access the requested resource. Consider
> >> > granting access rights to the resource to the ASP.NET request
> identity.
> >> > ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS
> 5 or
> >> > Network Service on IIS 6) that is used if the application is not
> >> > impersonating. If the application is impersonating via <identity
> >> > impersonate="true"/>, the identity will be the anonymous user
> (typically
> >> > IUSR_MACHINENAME) or the authenticated request user.
> >> >
> >> > To grant ASP.NET access to a file, right-click the file in Explorer,
> choose
> >> > "Properties" and select the Security tab. Click "Add" to add the
> appropriate
> >> > user or group. Highlight the ASP.NET account, and check the boxes for
> the
> >> > desired access.
> >> >
> >> > Line 471: //byte[] data = new byte[fileLength];
> >> >
> >> > Line 472: //f.InputStream.Read(data, 0, fileLength);
> >> >
> >> > Line 473: f.SaveAs(Server.MapPath("~/Content/Images/Logos/"
> +
> >> > UserState.CmsSalesStorage.Data.Client.ClientID + ".jpg"));
> >> >
> >> > Line 474: }
> >> >
> >> > Line 475:
> >> >
> >> >
> >> >
> >> > Source File: c:\Cms\Sales\ClientSetup.aspx.cs Line: 473
> >> > But I don't get it since this is not an anonymous user case. Is it
> because
> >> > of file permission we didn't set in the code?
> >> >
> >> > The line 473 code I presented as follow:
> >> >
> >> > void SaveLogo()
> >> > {
> >> > if (fileUpload.HasFile)
> >> > {
> >> > HttpPostedFile f = fileUpload.PostedFile;
> >> > //int fileLength = f.ContentLength;
> >> > //byte[] data = new byte[fileLength];
> >> > //f.InputStream.Read(data, 0, fileLength);
> >> > f.SaveAs(Server.MapPath("~/Content/Images/Logos/" +
> >> > UserState.CmsSalesStorage.Data.Client.ClientID + ".jpg")); //this is
> line 473
> >> > }
> >> >
> >> > }
> >> > --
> >> > Betty
> >
>
>

Hi Betty,

Nice to hear from you too and thanks for the prompt reply.

No problem. If you managed to have time to work on this issue later,
welcome to post here.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
(E-Mail Removed).

==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/en-us/subs...#notifications.

c676228 wrote:
> Exception Details: System.UnauthorizedAccessException: Access to the path
> 'c:\Content\Images\Logos\34.jpg' is denied.
>

> f.SaveAs(Server.MapPath("~/Content/Images/Logos/" +
> UserState.CmsSalesStorage.Data.Client.ClientID + ".jpg")); //this is line 473

From this code and the error message, it appears that the web site is
configured to use c:\ as root folder. If that is the case, it's not
surprising if you have problems with it...

--
Göran Andersson
_____
http://www.guffa.com

Goran,

Can you explain a bit more? The interesting part is our site administrator(a
vendor)
somehow made it work and I am not aware of any changes ever since. Now it
does not work any more.
--
Betty


"Göran Andersson" wrote:

> c676228 wrote:
> > Exception Details: System.UnauthorizedAccessException: Access to the path
> > 'c:\Content\Images\Logos\34.jpg' is denied.
> >
>
> > f.SaveAs(Server.MapPath("~/Content/Images/Logos/" +
> > UserState.CmsSalesStorage.Data.Client.ClientID + ".jpg")); //this is line 473
>
> From this code and the error message, it appears that the web site is
> configured to use c:\ as root folder. If that is the case, it's not
> surprising if you have problems with it...
>
> --
> Göran Andersson
> _____
> http://www.guffa.com
>

c676228 wrote:
> Goran,
>
> Can you explain a bit more? The interesting part is our site administrator(a
> vendor)
> somehow made it work and I am not aware of any changes ever since. Now it
> does not work any more.

Put something like this in a page to display the path of the root folder:

<%=Server.MapPath("~")%>

Normally this should be something like "C:\InetPub\SiteName\", if it's
instead "C:\" then the site is misconfigured.

--
Göran Andersson
_____
http://www.guffa.com