Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Building Controls > Composite Control need write permisson

Reply
Thread Tools

Composite Control need write permisson

 
 
manikal
Guest
Posts: n/a
 
      03-28-2007
I've just finished building my composite control, it is image gallery
that generates thumbnails from images in specified folder and creates
new folder in which generated thumbnails been saved.

For my control to operate correct in hosting environment in IIS -
Directory Security "Integrated Windows authentication" needs to be
checked. Is that "un-common" pre-request for control of this type?
I am asking this because when I uploaded my web application with this
control on site, on page with my control I get
"System.UnauthorizedAccessException:"
ASP.NET is not authorized to access the requested resource. Consider
granting access rights to the resource to the ASP.NET request
identity. ASP.NET has a base process identity (typically {MACHINE}
\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the
application is not impersonating. If the application is impersonating
via <identity impersonate="true"/>, the identity will be the anonymous
user (typically IUSR_MACHINENAME) or the authenticated request user.
Exception is raised when control need to create "thumbnails" folder.

So, I've requested my hosting provider to check "Integrated Windows
authentication" for my site, but they provided me with workaround
instructions on how can I set "modify" permissions on parent folder of
"thumbnails" folder. But that doesn't solve my issue because I can't
set permissions with my FTP client.
My question is, is there some kind of security risk for hosting
provider to grant my site "Integrated Windows authentication", if it
is, is there any way for my control to work without need of taking
care pre-requests like this one.

Thanks,
manikal

 
Reply With Quote
 
 
 
 
Mark Fitzpatrick
Guest
Posts: n/a
 
      04-01-2007
Your host is actually recommending the correct course of action in this
case. If a control needs write access, then the permissions on the directory
must be modified to enable that. Using Integrated authentication isn't going
to alter that. It will still require the correct permissions used by the
user account that ASP.net is running under, the ASPNET user account or
Network Service account (for Win 2003 boxes). Does your host provide you
with a control panel? If so, then that is probably where you need to be
altering permissions. Every host I've run into either has this done through
a control panel, or has a process in place that let's you request particular
permissions for a folder. In this case though, it sounds as if they have
provided you with a mechanism to do this. I don't know of an FTP client
that is able to alter the permissions on a Windows Server, though there may
be one somewhere. Integrated Windows Authentication may cause some
side-effects that you're not aware of. Using this method changes how the
authentication request is sent to the client browser, typically requesting
an NTLM response. Non-IE browsers don't use NTLM authentication and can only
handle basic authentication responses. The side-effect is that when
switching methods you end up with browsers that can't authenticate the
anonymous user to view the site.

--
Hope this helps,
Mark Fitzpatrick
Former Microsoft FrontPage MVP 199?-2006


"manikal" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ups.com...
> I've just finished building my composite control, it is image gallery
> that generates thumbnails from images in specified folder and creates
> new folder in which generated thumbnails been saved.
>
> For my control to operate correct in hosting environment in IIS -
> Directory Security "Integrated Windows authentication" needs to be
> checked. Is that "un-common" pre-request for control of this type?
> I am asking this because when I uploaded my web application with this
> control on site, on page with my control I get
> "System.UnauthorizedAccessException:"
> ASP.NET is not authorized to access the requested resource. Consider
> granting access rights to the resource to the ASP.NET request
> identity. ASP.NET has a base process identity (typically {MACHINE}
> \ASPNET on IIS 5 or Network Service on IIS 6) that is used if the
> application is not impersonating. If the application is impersonating
> via <identity impersonate="true"/>, the identity will be the anonymous
> user (typically IUSR_MACHINENAME) or the authenticated request user.
> Exception is raised when control need to create "thumbnails" folder.
>
> So, I've requested my hosting provider to check "Integrated Windows
> authentication" for my site, but they provided me with workaround
> instructions on how can I set "modify" permissions on parent folder of
> "thumbnails" folder. But that doesn't solve my issue because I can't
> set permissions with my FTP client.
> My question is, is there some kind of security risk for hosting
> provider to grant my site "Integrated Windows authentication", if it
> is, is there any way for my control to work without need of taking
> care pre-requests like this one.
>
> Thanks,
> manikal
>



 
Reply With Quote
 
 
 
 
manikal
Guest
Posts: n/a
 
      04-02-2007
Hi Mark,

I appreciate your answer.

I've contacted my host, and they don't have control panel feature
"yet", but they've set "modify" permission on whole site for ASPNET
user, and now my control is working properly. However, they've warn me
that this could be potential security risk, without any further
explanation. Now I am interested what exactly security risk?

Thanks,
Mijo

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how can I solve this erorr usr/lib/python2.6 : permisson denied Mohseniaref Python 3 08-03-2010 12:16 PM
Request for the permisson of type 'System.Web.AspNetHostingPermission.. ' failed clintonb ASP .Net 0 02-26-2008 04:27 PM
Check for write permisson on directory Johannes Hammersen ASP .Net 6 06-30-2005 06:22 AM
Losing Composite Control property that another Composite Control ... Chad ASP .Net Building Controls 0 02-01-2005 09:01 PM
Possible to create a composite control that has a child control that is a validator that validates the composite control itself? Jonathan Eric Miller ASP .Net Building Controls 2 07-22-2004 10:58 PM



Advertisments