File permission issues

[Ethan Strauss]

Hi,
I have a C#.Net 2.0 web app which needs to be able to read a bunch of
files from a user's computer, but I have not be able to get it to do so
without "Access denied" errors.
The main piece of code is simple
List<FileInfo> AllFiles = new List<FileInfo>();

System.Security.Permissions.FileIOPermission MyPermissions = new
System.Security.Permissions.FileIOPermission
System.Security.Permissions.FileIOPermissionAccess.AllAccess,
ThisSourceDirectory.FullName);

MyPermissions.Assert();

foreach (FileInfo ThisFile in ThisSourceDirectory.GetFiles())

{

{

AllFiles.Add(ThisFile);

}

}

ThisSourceDirectory is on a networked drive to which everyone in the company
should have access.
I have set <identity impersonate = "true"/> in my web.config file.
The page is running from IIS from my machine and I have Integrated Windows
Authentication turned on.
I have logged in as another user and I can see that
System.Environment.UserDomainName & System.Environment.UserName seem to be
set correctly.
The lines above in which I create and assert "MyPermissions" run without any
complaints, but the next line (with "GetFiles"), gives me access denied
errors.

When I log in as myself, everything runs just fine.

I would appreciate any help.

Thanks!

Ethan

Ethan Strauss Ph.D.
Bioinformatics Scientist
Promega Corporation
2800 Woods Hollow Rd.
Madison, WI 53711
608-274-4330
800-356-9526
(e-mail address removed)

 

[Guest]

Why not just make the folder a virtual directory in IIS under your web
application and set the proper permissions there?
-- Peter
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net

 

[Ethan Strauss]

That is essentially what I did for development of the functionality after
the upload, but I need users other than me to be able to upload batches of
files to process. I don't want them to have to ask me each time they have a
batch to deal with or to have to upload files individually. If there is a
way to allow them to transfer everything to a virtual directory, that might
work, but I don't know of a way to do that without having the app read the
files.
Thanks,
Ethan

 

[Beemer Biker]

That is essentially what I did for development of the functionality after
the upload, but I need users other than me to be able to upload batches of
files to process. I don't want them to have to ask me each time they have
a batch to deal with or to have to upload files individually. If there is
a way to allow them to transfer everything to a virtual directory, that
might work, but I don't know of a way to do that without having the app
read the files.
Thanks,
Ethan

We have a similar situation and so far we have elected to let the "project
manager" handle the upload. Eventually he (or she) will have the same
complaint you do: not haveing time to do the upload. We will be working on
that but right now is is not a problem.

Because our users frequently have a hierarchy they want to preserve, we
elected to let them use explorer to browse their directory and copy and
paste the entire structure into(for example) \\acqlib\INCOMING Our
"project manager" then runs a python script that moves the structure to
\\acqlib\data which is read only. It also lists all those files, the path
to the files and puts those paths (along with ownership info) into a
postgresql Sql Server Datebase (the same acqlib system). This is a linux
system that is "free" and the data and incoming are samba shares that the
windows users access. The web server is XP -Pro running IIs with the "free"
postgresql odbc drivers.

I did the web page project (aspx) and used VS2005. We have found that when
you have a microsoft network, and a microsoft trained network manager, if
you then have a linux based database system you find that the "network
manager" has very little say so about how it gets run. ie: it does not get
moved into his or her turf where you got to ask permission for every little
change.

As far as your access problems, I have found that if I can use explorer to
browse and "read" a file, then the web page works. If I cannot browse and
"read" the file, the IE7 or IE6 permissions are not set correctly or the
user is not "authenticated". Sometimes the event viewer gives a better
error message about why a directory cannot be listed or a file read on a
share.

HTH

--
======================================================================
Joseph "Beemer Biker" Stateson
http://TipsForTheComputingImpaired.com
http://ResearchRiders.org Ask about my 99'R1100RT
======================================================================