tags:

views:

448

answers:

2
Q: 

ASP.NET Read Files from a Password Protected Network Share

Hi -

I have an ASP.NET website on a Windows 2003 Server, that needs to access files from a network share. The network share is password protected and needs a username and password to be provided.

I use forms based authentication on the website and not windows based.

So my problem is, when I try to read any file from the networkshare using the code below, it throws access denied DirectoryInfo networkShare = new DirectoryInfo("\\TestServer\Share");

So I tried using Impersonate by providing the username and password of the network share to the impersonate function call, however the call obviously fails since that username does not exists on the ASP.NET webserver. So then I passed the username and password of a login that does exist on the webserver, so this time the impersonate call works however it still can not access the network share 'cuz the network share username and password are different.

So finally, I created the exact same username/password on the webserver which matches the network share. This time impersonate function call works and so does network share. I'm able to successfully read from the share.

So my question is, is there a way I can read the network share without adding the username in the webserver. 'Cuz everytime the network share login changes, I'll have to again make a new username in the webserver too. Which is not ideal.

Any ideas?

A: 

try this

WebRequest request = WebRequest.Create( "http://server/file.xml" );
request.PreAuthenticate = true;
request.Credentials = new NetworkCredential( "user", "pass" );

request.GetResponse();
ArsenMkrt  2009-09-30 04:12:29
I need to get a list of all files from network share folder and copy all files to the webserver, will that be possible with the above aproach? Thanks.
ace  2009-09-30 05:22:54
+1  A: 

The "right" way to do this is to run the webserver's AppPool as the identity that can access the share. That way, the only credential storage is done securely in the IIS config (rather than in your code or in readable config files). Putting the webserver and fileserver in the same Windows domain (or different domains with trust) is the easiest way, but the "same username/password" thing should work there as well.

If you don't care about putting usernames/passwords in your code or config, you can P/Invoke to WNetAddConnection2 and pass the username/password- then you should be able to access the share. This doesn't require the webserver to have a matching account, but you really should secure the password (look into System.Security.Cryptography.ProtectedData for encrypted registry storage).

nitzmahone  2009-09-30 04:32:07
So again we need to have idential username/password on both servers, right ? I'm looking for something that does not require me to create a username on the webserver. Thanks.btw, my network share is on a FEDORA and not a windows server, not sure if that makes any difference.
ace  2009-09-30 05:26:18
Sorry, your original post wasn't clear- if you don't care about storing the other server's username/password, I added something above that should work.
nitzmahone  2009-09-30 17:07:05
Wow...looks like the solutions to my problem...I'll try and let you know if it works. Thanks man...I'm thinking of encrypting the network login and storing on the database server, so i guess it should be fine.
ace  2009-10-01 02:42:36
Hey i tried using it and it totally worked, thanks man.
ace  2009-10-03 10:12:17

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps