|
-
Nov 10th, 2005, 11:17 AM
#1
Thread Starter
Lively Member
Issues with Server1 using SaveAs to copy to Server2
Hi everyone,
I'm having the following problem......
I have 2 servers.
Server1 - Just a web server running IIS
Server2 - File repository server, containing files, .doc, .pdf etc.
I'm building an asp.net page that runs on Server1
It's an imaging program, that creates records in a sql database, and uploads
files to Server2 based on the inserts.
When a users tries to create a record......
The record is inserted into SQL
But their is a problem when copying the file.
It works okay on my localhost, so I'm thinking it's a security issue with Server1 trying to copy the file from my PC to Server2
I get a access denied error.....
ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.
To grant ASP.NET write access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.
I've racked my brains, but I can't seem to figure out what's wrong.
Note: Users do have access to create, copy files on Server2, because
of an AD security group. This is not a problem.
Any help will be greatly appreciated.
lol, what a crazy day
-
Nov 10th, 2005, 04:09 PM
#2
Re: Issues with Server1 using SaveAs to copy to Server2
Your application runs under the security context of the ASP.NET worker process. And since that user is local to your computer, it didn't work.
I think you should set identity impersonate="true" for your application so that your users' security context is passed on, and you can perform the file writes.
-
Nov 10th, 2005, 06:04 PM
#3
Thread Starter
Lively Member
Re: Issues with Server1 using SaveAs to copy to Server2
thanks, but I tried that both ways...
impersonate="true"
and
impersonate="false"
also windows authentication is set to true, and anonymous login is unchecked
but I think it's something deeper.
I think it's a security issue with Server1 not being able to communicate to Server2
or
Server1 not being able to past credentials(usersname, password) from AD into the
Server2
I think the reason it works on my localhost is because, I'm logged in as myself, and my credentials are stored on my PC.
Here is an article I fould with a similar problems with servers communicating with other servers.....
MSDN Madness
Thanks for your help though
-
Nov 10th, 2005, 07:03 PM
#4
Thread Starter
Lively Member
Re: Issues with Server1 using SaveAs to copy to Server2
Here are some interesting links I found where it recommends to use delgation for asp.net to access resources on other computers, but our network is not setup for this because it requires Kerberos authentication protocol, and our network uses proxy servers, which Kerberos has issues with proxy servers.
http://support.microsoft.com/default...b;en-us;810572
http://msdn.microsoft.com/library/de...plications.asp
http://support.microsoft.com/kb/321728/
lol, back to the drawing board
-
Nov 11th, 2005, 06:36 AM
#5
Re: Issues with Server1 using SaveAs to copy to Server2
What about giving permissions to everyone on that shared folder? Did you do that?
-
Nov 11th, 2005, 09:20 AM
#6
Thread Starter
Lively Member
Re: Issues with Server1 using SaveAs to copy to Server2
Yes, they all have read permissions on the shared folders.
The problem is when they try to create files on the folder (using asp.net's
SaveAs fileobject). Those folks have the special write permission, but still not cigar.
I think, I have a work around though.
Not very clean, but it should work.....
When a user uploads a file, It will copy that file to a temp folder on the same server that is running IIS. Then, I will have a service on that server that will check that folder every 1 minutes to see if new files are there. If yes, then it will move it over to the other server. This way I can avoid the security issues from asp.net.
Thanks again.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|