views:

639

answers:

4

I have a button on a website that creates a directory and copys a file. I developed it using Visual Studio 2008, ASP.Net 3.5. I am running Vista as my OS. The website uses identiy impersonation.

The functionality doesn't work ("Access to Path XYZ is denied") when:

  • I run the website via IE hitting the local webserver

The functionality works fine when [note Visual Studio run with Admin rights]:

  • I hit play in Visual Studio
  • I say view in Browser from Visual Studio
  • I run the website via IE hitting the local webserver, but start IE with Admin rights
  • I deploy the website onto another webserver (also vista/IIS7)
  • I modify FireFox to accept integrated authentication, then access via FireFox and localhost

I've never seen this behavior before, previously File.Copy type commands only cared that the rights on the folder being copied to were valid etc... (I have Everyone having full control while trying to debug this situation). It seems likely that the issue is having Admin rights or not? Or being logged in to the machine that it is running on?

What is happening here? Why does it work in the development environment and deployed to another machine, but not work when deployed on my own machine? Seems very odd, any help would be appreciated.

EDIT: I've added "Everyone" to all of the relvant directories and give that user Full Control, so there shouldn't be any permission issues?

A: 

My guess is the identity ASP.Net is running under doesn't have permissions (NetworkService) or the user used for anonymous authentication does have permission (IUSR)

Greg Dean
I've added "Everyone" to all of the relvant directories and give that user Full Control, so there shouldn't be any permission issues?
ChrisHDog
+2  A: 

More likely the user that IIS is running impersonated thread under does not have access to the original file or the destination. Have you tried doing the copy directly as that user? When you run IE as administrator or running VS as administrator the impersonated user has full rights as admin.

[Edit - add link]

There is some info on a similar thread, the idea to use SysInternals was good:

UnauthorizedAccessException with IIS7

Turnkey
i'm able to copy/delete/etc... with that user, no problem
ChrisHDog
+2  A: 

You should try giving permission to modify over asp.net

you can find several articles about that by google(ing) it.

Braveyard
can you give more details? the directories and files in question have "Everyone" read, write, modify permissions. how do I "give permission to modify over asp.net"? i am running impersonation so shouldn't that take care of this also?
ChrisHDog
you're right. Anyway tho from now on, cuz you foundd the solution :)
Braveyard
+2  A: 

OK I have tracked down the solution to this issue given these symptoms. I'm not 100% sure why this works (particularly since it works fine in FireFox and works fine in IE if you not connecting locally), but the following seems to be a work-around.

In IE select Tools -> Internet Options -> Security -> Trusted Sites -> Sites and add http://localhost as a trusted site. This then enables you to use the website locally. Why you need to do this in IE when connecting locally and not in FireFox or IE when connecting to another machine is something I don't know. But it does seem to be a viable workaround.

ChrisHDog