This is certainly possible. There are significant security factors to
think about when you are doing this, so think through the implications
of what you are doing first.
There are a couple different methods to do what you want:
1. By default, your web app runs under the security context of the
local machine's ASPNET account. You can give this account appropriate
permissions to whatever folder you will be saving the file to, and then
just save the file there (inpFileUp.PostedFile.SaveAs(...)).
2. Another option to consider is to have your application run under
another security account (either local or domain), and use
impersonation (lookup impersonation, and aspnet_setreg). In this case,
your app will run under whatever account you setup with impersonation,
and that account will need appropriate rights to save the file.
I am a fan of #2, as I use impersonated domain accounts for database
access as well, and I can use them to give permissions to remote file
shares (so that I do not have to waste web server disk space).
I hope this helps,
Tim Aranki
