Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > gaining access to a share

Reply
Thread Tools

gaining access to a share

 
 
Lachlan James
Guest
Posts: n/a
 
      02-14-2005
Hi,

I want to create a folder on a network share from within
my ASP.NET application. The app uses a custom
authentication mechanism which creates a Principal object
after looking up an external system.

It seems whenever the Directory.CreateDirectory() method
executes I get an UnauthorizedAccessException exception. I
suspect this is because the ASPNET account is a local
account which is unknown to the computer where the share
resides.

How can I progamatically gain access to that share to
create the dir?

I do not want to configure impersonation in the web.config
as I fear this is less secure.

Thanks, Lachlan
 
Reply With Quote
 
 
 
 
Paul Clement
Guest
Posts: n/a
 
      02-14-2005
On Mon, 14 Feb 2005 08:04:42 -0800, "Lachlan James" <(E-Mail Removed)> wrote:

Hi,

I want to create a folder on a network share from within
my ASP.NET application. The app uses a custom
authentication mechanism which creates a Principal object
after looking up an external system.

It seems whenever the Directory.CreateDirectory() method
executes I get an UnauthorizedAccessException exception. I
suspect this is because the ASPNET account is a local
account which is unknown to the computer where the share
resides.

How can I progamatically gain access to that share to
create the dir?

I do not want to configure impersonation in the web.config
as I fear this is less secure.

You need to understand how delegation works so you can choose which authentication method best suits
your configuration:

http://msdn.microsoft.com/library/de...delegation.asp
http://support.microsoft.com/default...b;en-us;810572


Paul ~~~ http://www.velocityreviews.com/forums/(E-Mail Removed)
Microsoft MVP (Visual Basic)
 
Reply With Quote
 
 
 
 
Lachlan James
Guest
Posts: n/a
 
      02-15-2005
Hi Paul,

Thanks for your reply. Unfortunately we are using a custom
authentication system for this particular application
because the built in ones don't fulfil our needs. This
means using windows authentication & impersonation is not
possible. Besides that, it is not recommended to do it
that way for security reasons.

However towards the end of the article you posted it
mentioned using COM+ serviced components to achieve this,
so that's what I have done. I have a serviced component
which I call from my asp.net app. The serviced component
runs under a custom account which has access to the
network share. This is the easiest & most secure way to do
this I think.

For anyone else that is interested in doing this, below is
a great article which explains how to do it and why it is
the only viable option.

http://www.15seconds.com/issue/030926.htm

Lachlan


>-----Original Message-----
>On Mon, 14 Feb 2005 08:04:42 -0800, "Lachlan James"

<(E-Mail Removed)> wrote:
>
> Hi,
>
> I want to create a folder on a network share from

within
> my ASP.NET application. The app uses a custom
> authentication mechanism which creates a Principal

object
> after looking up an external system.
>
> It seems whenever the Directory.CreateDirectory()

method
> executes I get an UnauthorizedAccessException

exception. I
> suspect this is because the ASPNET account is a local
> account which is unknown to the computer where the

share
> resides.
>
> How can I progamatically gain access to that share to
> create the dir?
>
> I do not want to configure impersonation in the

web.config
> as I fear this is less secure.
>
>You need to understand how delegation works so you can

choose which authentication method best suits
>your configuration:
>
>http://msdn.microsoft.com/library/default.asp?

url=/library/en-us/vsent7/html/vxconaspnetdelegation.asp
>http://support.microsoft.com/default.aspx?scid=kb;en-

us;810572
>
>
>Paul ~~~ (E-Mail Removed)
>Microsoft MVP (Visual Basic)
>.
>

 
Reply With Quote
 
Paul Clement
Guest
Posts: n/a
 
      02-15-2005
On Tue, 15 Feb 2005 03:36:08 -0800, "Lachlan James" <(E-Mail Removed)> wrote:

Hi Paul,

Thanks for your reply. Unfortunately we are using a custom
authentication system for this particular application
because the built in ones don't fulfil our needs. This
means using windows authentication & impersonation is not
possible. Besides that, it is not recommended to do it
that way for security reasons.

However towards the end of the article you posted it
mentioned using COM+ serviced components to achieve this,
so that's what I have done. I have a serviced component
which I call from my asp.net app. The serviced component
runs under a custom account which has access to the
network share. This is the easiest & most secure way to do
this I think.

For anyone else that is interested in doing this, below is
a great article which explains how to do it and why it is
the only viable option.

http://www.15seconds.com/issue/030926.htm

Lachlan

Yes I still use this type of mechanism for ASP and Visual Basic 6.0 components, although I kind of
moved away from COM+ since I moved to .NET.


Paul ~~~ (E-Mail Removed)
Microsoft MVP (Visual Basic)
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Share-Point-2010 ,Share-Point -2010 Training , Share-point-2010Hyderabad , Share-point-2010 Institute Saraswati lakki ASP .Net 0 01-06-2012 06:39 AM
Firefox gaining?/loosing? market share Old Enough Firefox 6 01-30-2007 12:27 AM
Firefox gaining market share Karl S Firefox 1 01-24-2007 07:12 PM
Gaining access to local files from an ASP.Net page Dave Keen ASP .Net 6 07-21-2006 02:06 PM
Gaining Access to an Identity value Jerry Camel ASP .Net 1 02-13-2004 04:21 PM



Advertisments