Access Denied

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I have written a Web Service in C# that attempts to log error information on
our Web Server. The code below sets the path where the error information is
to be written:

string sFilePath = Server.MapPath("XML/")
ExceptionManager.PublishIt(sStartElement,sFilePath, sLog,sKey,sStoredProc,oParms);

I am calling a procedure that writes the data out to an XML file on the
server. I get an Access Denied error when I try to run this line of code:

StreamWriter sw = new StreamWriter (sFileName, false, Encoding.UTF8);

This codes works when I am writing error data to a directory on a user's
local machine but when I use the Web Service to log the error, an access
denied error occurrs.

How can I overcome this security issue on a Web Server so that I can write
to a file?
 
The account that your WebService is running under does not have write
permissions. You have basically two choices:

1) Determine the account (ASPNET, IUSR_<YourMachineName> ) that the service
is running under and grant it modify permissions on the folder where you
need to write your log. (you may need to do this both in IIS and for the
physical file folder with ACL's as well)
2) Try changing your -processModel "userName" attribute in machine.config
file from "machine" to "system". Note that this option is the "brute force"
approach and can have security consequences.
--Peter
 
Thanks Peter...
Now I will really show my ignorance. I have looked in IIS and cannot find
ASPNET or "IUSER_<anything>". I am right clicking the folder where I want
the files to be written and looking under properties and clicking on "Modify"
and I still get "Access to the path
\"C:\\Inetpub\\wwwroot\\ExceptionManager\\ExceptionManager\\bin\\xml\\logfile.xml\" is denied."

Can you step me through the process or send me to an article on MSDN to
explain this process. I am sure it is very basic but I just can't figure it
out.

Thanks,

Robert

Peter Bromberg said:
The account that your WebService is running under does not have write
permissions. You have basically two choices:

1) Determine the account (ASPNET, IUSR_<YourMachineName> ) that the service
is running under and grant it modify permissions on the folder where you
need to write your log. (you may need to do this both in IIS and for the
physical file folder with ACL's as well)
2) Try changing your -processModel "userName" attribute in machine.config
file from "machine" to "system". Note that this option is the "brute force"
approach and can have security consequences.
--Peter
Click to expand...
 
Back
Top