Accessing a remote file with a SharePoint Web Part

Question

I recently built a program that parses a remote file from \some_server\c$\directory\file.xls and it works fine on my local machine as just a normal aspx page.

Then I put the program into web part form on my VM SharePoint server and I get this error: Access to the path '\some_server\c$\directory\file.xls' is denied.

The file is shared to Domain\Authenticated Users so I am not sure why it would be denied? Is it possible my SharePoint is trying to call it with a local or network service account? How can I get it to read? Thank you.

Answer 1

SharePoint usually runs in a separate application pool. Please check the identity of this application pool.

Answer 2

I think to be able to access network path, your code has to run in FULL TRUST, which I don't think SharePoint does.

Answer 3

Salamander is right, SharePoint doesn't run with trust to do this.

Changing the trust level for SharePoint in it's web.config from WSS_Medium to Full is the quick solution, but there are security implications..

Answer 4

Can you explain further what exactly setting the trust level does for you?

I would think that if your app pool identity is a domain account you can use SPSecurity.RunWithElevatedPrivileges to use the app pool credentials to access the file. Or, use impersonate to explicitly pass another account's credentials.

Answer 5

I think you will need RunWithElevatedPrivleges which will make SharePoint use the application pool account. Also keep in mind you will have to make sure that application pool account has access to that network share. Avoid using full trust.

Answer 6

Why not store the file in SharePoint so you have better access to it? Put it in a hidden library and access it using SPSecurity.RunWithElevatedPrivledges.

There are caveats to RWEP. Any reference to SPSite and SPWeb obtained from the SPContext (ie SPContext.Current.Site) will still run under the privledges of the logged on user. You must explicity create a reference inside the RWEP delegate.

SPSecurity.RunWithElevatedPrivileges(delegate() { using (SPSite site = new SPSite(SPContext.Current.Site.Url)) { using (SPWeb web = site.OpenWeb()) { //... Do something with SPWeb } } });

If you need to access the file from outside sharepoint to update it with existing processes you can use the file share path which is available for all SPDocumentLibrary's but going to Actions --> Open with Windows Explorer to obtain the network path.

Answer 7

Just a quick note, you could be running into the classic NTLM Double-Hop issue. You can authenticate to the front end, but because the front end does not have your password, it cannot then authenticate to a resource on another server.

Running with Elevated priviliges, and setting permissions based on the Application Pool identity could be one way of moving your forward.