Folder access by ASP.Net application

[CW]

I have an ASP.NET application that needs to read/write from to the IIS
application directory and its subdirectories. The application is configured
to use form authentication and thus it has the following entries in
web.config:
<authentication mode="Forms">
<forms name="CommerceAuth" loginUrl="login.aspx"
protection="All" path="/" />
</authentication>
<authorization><deny users="?" /><allow users ="*"
/></authorization>

Now the application runs OK on my dev box. The ASP.Net application is able
to create file in IIS application folder and its subdirectory. However, once
uploaded to my web host, the code that generates file on the web server IIS
folder throws exception that essentially states that access to the directory
is denied.

Now my suspicion is that it has something to do with security permission
granted to accounts used by IIS and ASP.Net. If I understand the IIS/ASP.Net
architecture correctly, all anonymous requests are run in the context of
IUSR* (where * is the machine name). It is then handed off to either ASPNET
account (if IIS 5.x) or the configured worker pool account for ASP.Net
process on IIS6 (if configured or default back to ASPNET account). Thus, if
ASPNET account (or the worker pool account) has the necessary privilege to
write to the particular IIS folder, then the application should be able to
create a file in that folder. Otherwise, access would be denied.

Can someone confirm or clarify if my understanding is correct?

Thanks

[Raghavendra T V]

Hi CW,

I would suggest you to check the security settings for the root folder
under which you are creating the folders and files from your
code.

You should have the ASPNET user added to the group and should have write
permissions.

Hope this helps you.

Thanks
Raghavendra
"CW" <CW@nospam.com> wrote in message
news:OBBotWpkEHA.536@TK2MSFTNGP11.phx.gbl...

> I have an ASP.NET application that needs to read/write from to the IIS
> application directory and its subdirectories. The application is

configured

> to use form authentication and thus it has the following entries in
> web.config:
> <authentication mode="Forms">
> <forms name="CommerceAuth" loginUrl="login.aspx"
> protection="All" path="/" />
> </authentication>
> <authorization><deny users="?" /><allow users ="*"
> /></authorization>
>
> Now the application runs OK on my dev box. The ASP.Net application is able
> to create file in IIS application folder and its subdirectory. However,

once

> uploaded to my web host, the code that generates file on the web server

IIS

> folder throws exception that essentially states that access to the

directory

> is denied.
>
> Now my suspicion is that it has something to do with security permission
> granted to accounts used by IIS and ASP.Net. If I understand the

IIS/ASP.Net

> architecture correctly, all anonymous requests are run in the context of
> IUSR* (where * is the machine name). It is then handed off to either

ASPNET

> account (if IIS 5.x) or the configured worker pool account for ASP.Net
> process on IIS6 (if configured or default back to ASPNET account). Thus,

if

> ASPNET account (or the worker pool account) has the necessary privilege

to

> write to the particular IIS folder, then the application should be able to
> create a file in that folder. Otherwise, access would be denied.
>
> Can someone confirm or clarify if my understanding is correct?
>
> Thanks
>
>

[[MSFT]]

You understanding is right. When working with Form authentication, ASP.NET
application will use the account "ASPNET" (IIS 5) or "Network service" (IIS
6.0 ) to access the resource like file system or database. It seems the
account on your web server didn't have enough permission to create files on
the particular folder. You may contact the server's administrator for this.

Luke