ASP.NET: System.UnauthorizedAccessException - Access to Path Denied

Question

I have an ASP.NET web application which does the following:

1. Reads an Excel file.
2. The excel file will have an image URL located in it that points to somewhere on the internet.
3. The program reads each image URL and store it into a temporary folder in the web server.
4. The application then resizes (changes the width and height) of the image.

5. Finally, the application will save that image to another folder.

   I am getting the following exception:

System.Net.WebException: An exception occurred during a WebClient request. ---> System.UnauthorizedAccessException: Access to the path '\abcserver\target03\3111\35644\www.testing.com\web\content\images\TempStorage\tempImage.jpg' is denied. at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access) at System.Net.WebClient.DownloadFile(Uri address, String fileName) --- End of inner exception stack trace ---
at ProcessImage.GetFileFromUrl(String imageFileUrl, String newFileName)
at uploadexceldata.UploadExcelData(String fileName)

 foreach (DataRow dr in dt.Rows) // Reading each excel row
            {

                if (dr[0].ToString() != "")
                {
                    id= "";
                    path = "";
                    manuId = "";


                    id= dr[0].ToString();
                    path = dr[1].ToString();
                    fileNameOnly = iProImg.GetFileNameOnly(path);
                    objDb.openConnection();
                    strSqlGroupInfo = "select ManufacturerID from  manufacturers where id='" + id+ "'";

                    dTblManu = objDb.BuildDT(strSqlGroupInfo); // To Fill data to Datatable
                    objDb.closeConnection();
                    if (dTblManu.Rows.Count > 0)
                    {
                        manuId = dTblManu.Rows[0][0].ToString();
                    }

                    if (manuId != "")
                    {
                        tempUploadPath = "images/TempStorage/";
                        tempUploadPath = Server.MapPath(tempUploadPath);
                        if (!Directory.Exists(tempUploadPath))
                        {
                            Directory.CreateDirectory(tempUploadPath);
                        }
                        tempFilePath = tempUploadPath + "\\tempImage.jpg";
                        tempFilePath = tempFilePath.Replace("/", "\\");

                        previewPath = Server.MapPath("images/previews/" + manuId);
                        thumbNailPath = Server.MapPath("images/thumbnails/" + manuId);

                        if (!Directory.Exists(previewPath))
                        {
                            Directory.CreateDirectory(previewPath);
                        }
                        if (!Directory.Exists(thumbNailPath))
                        {
                            Directory.CreateDirectory(thumbNailPath);
                        }
                        fileNameOnly = "\\preview" + id+ ".jpg";
                        fileNameOnly = fileNameOnly.Replace("/", "\\");
                        previewPath = previewPath + fileNameOnly;
                        tempPartialPathP = "images\\previews\\" + manuId + fileNameOnly;

                        fileNameOnly = "\\thumbnail" + id+ ".jpg";
                        thumbNailPath = thumbNailPath + fileNameOnly;
                        tempPartialPathT = "images\\thumbnails\\" + manuId + fileNameOnly;


                        try
                        {

                            iProImg.GetFileFromUrl(path, tempFilePath);
                            rowCounter++;
                            iProImg.ReSizeImage(tempFilePath, previewPath, previewSize);
                            iProImg.ReSizeImage(previewPath, thumbNailPath, thumbNailSize);

                        }
                        catch (Exception ec)
                        {

                            errorRowCount++;
                            iLog.LogErrorToFile("uploadExcel", ec.ToString(), "path : " + path + ",tempFilePath :" + tempFilePath);


                        }
                        finally
                        {
                            if(File.Exists(tempFilePath))
                            {
                            File.Delete(tempFilePath);
                            }
                        }
                    } // If manuid!=""
                }  //if (dr[0].ToString() != "")

Does anyone have any suggestions on how to fix this exception?

Answer 1

Try setting the access permissions to "Full control" for the .Net user from where you are reading/saving the files.

Answer 2

Make sure the ASP.NET account has read/write permission on the folder you're writing to (basic windows security).
How to: http://www.microsoft.com/windowsxp/using/networking/security/permissions.mspx
(first 4 steps, check the boxes and click OK)

[EDIT]
You need to authenticate yourself with an account known on the remote server. You probably gave rights to the local ASP.NET account on the remote server, which won't work because that's not the user you access the folder with (from the webserver).
[/EDIT]

Answer 3

In reply to what was said : "This is a remote server and the folder has full read/write permission granted.Still not working "

Make sure the .Net user / machine account user has full permissions for that Folder.

Also, add < identity /> to your config file

Answer 4

All of the above, plus you may need to add this tag:

<identity impersonate="true" userName="accountname" password="password" />

Read this KB article and if you are going from browser to iis to a file share, that counts as two hops and now you need to configure Kerberos Delegation. System administrators much smarter than me have tried to configure kerberos delegation and failed. Move your images or you IIS instance so that they are on the same machine.

Answer 5

First, narrow down your problem by temporarily granting Everyone full permission on that particular path. If it works, then you know for a fact it's a simple permission issue and you just need to figure out which acct needs proper permission. Probably the Anonymous User account (double check this setting in IIS Admin) and not the ASP.NET account. (don't forget to pull permission for Everyone)

If you need to, I believe you can use FileMon to see which account is attempting to access a particular file. Could be wrong, I haven't used this tool in a while.

One last thing... is the read-only flag set on the file? :)

Answer 6

Check that the image file (jpg) you're writing to the tempStorage has the proper permissions for the webuser account(aspnet or iis_wpg). You can set the TempStorage directory to replace permisson entries on all child objects.

1. Right Click TempStorage folder and select properties
2. Select the security tab (ensure the proper read/write/modify permissons are here)
3. Click the Advanced button
4. Check the second checkbox - Replace permissions entries on all child objects with entries shown here that apply to child objects.

Now all files that you add to the TempStoreage folder will inherit the permissions allowing you webuser account to read the jpg file.

Answer 7

I had the exact same problem today. After spending hours trying to track down what was causing the issue I found out that the permissions for the folder that was being written to were incorrect. Essentially, the folder was readonly from the perspective of the user being used to create the file.

Try doing the following for the folder in question:

1. Right Click on the folder and select properties
2. Click on the Sharing tab and then click on the Permissions button
3. Make sure to add whatever user is going to writing to the folder permissions to do so
4. Back at the properties page, click the Security tab
5. Make sure to add whatever user is going to write to the folder permissions to do so

Seeing as this question was asked 6 months ago, I'm assuming that you've already solved the issue...but I just thought I'd document my solution just in case it becomes useful to someone else in the future as they try to figure out how to solve this UnauthorizedAccessException.

Answer 8

No answers in the world solved this for me until I stumbled on the answer for myself:

UN-ENCRYPT THE FILE

You can grant full permissions to everyone on your entire hard drive, it still won't allow ASP.NET decrypt files.

If you are certain the file isn't encrypted, then you just need to add the ASPNET account to the file or folder you want to access. But make sure its not encrypted first!