RadEditor ImageManager and Images - Access from another web app on the same server

1 Answer 34 Views
Editor
Jeff
Top achievements
Rank 2
Iron
Iron
Veteran
Jeff asked on 10 Jun 2022, 03:43 PM

This is a complicated setup and issue, so I'll do my best to keep it succinct:

There are two different web applications - one is Windows authentication, and the other is Forms authentication.

Application #1 (Win authentication) uses a RadEditor to create "posts" or "articles" that could have images within them.  Those images are currently saved/uploaded to a directory that resides in the IIS root.  I've also tried with a virtual directory.

Application #2 (Forms authentication) loads the HTML from these posts created by App #1 into a Literal Control.  Whenever App #2 loads a post that contains an image, the browser asks for domain credentials.  The image will not show unless you supply proper login info.  The rest of the HTML from the post will load fine - just not the images.

I've given permission to the app pool, IIS_USRS, IUSR - even full control.  So far, there is no difference whether this folder has proper permissions, or none... it still prompts for credentials.

How can I allow App #2 to access these images without requiring credentials?

Thank you, in advance.

 

Rumen
Telerik team
commented on 12 Jun 2022, 04:01 AM

Hi Jeff,

The scenario is discussed at https://www.codeproject.com/Questions/172359/Images-and-CSS-issue-after-forms-authentication

You may also try to make the images folder a virtual directory pointing to the root of application 2 - this way the images will be accessible. You can find more information at https://docs.telerik.com/devtools/aspnet-ajax/controls/editor/functionality/dialogs/examples/upload-files-to-a-shared-drive

Jeff
Top achievements
Rank 2
Iron
Iron
Veteran
commented on 13 Jun 2022, 01:32 PM

Rumen,

Thank you for the suggestions - I will attempt to implement. 

I have a question regarding the html path that gets added to the RadEditor content when an image is added.  For the ImageManager-ViewPaths value, If we use the '~' tilde and the virtual directory it always adds the current application folder to the path of the image:

Example:  ImageManger-ViewPaths="~/ContentImages"

Yields:  Image path in RadEditor content:  <img src="/AppName/ContentImages/ImageFileName.png" />

Is there a way to configure the image path that the RadEditor produces to not include the AppName, and simply just output "/ContentImages/ImageFileName.png", isntead?

 

Rumen
Telerik team
commented on 13 Jun 2022, 02:27 PM

Using String.Replace on the server, you will be able to replace or strip the desired part of the URL and therefore display the image correctly on the public site.

If you want to have more precise URL stripping you could implement your own custom content filter that will convert the absolute paths to a relative when switching to HTML mode or submitting the content by executing the Telerik.Web.UI.Editor.StripPathsFilter([domainName]); filter of RadEditor. You can find more information at https://www.telerik.com/forums/image-url-overwritten-when-reposition-it

Last but not least you can use the OnClientPasteHtml client event to modify the img src just before it is inserted in to the content area.

Jeff
Top achievements
Rank 2
Iron
Iron
Veteran
commented on 15 Jun 2022, 03:57 PM

Rumen,

I've created a physical directory in app #2, and a virtual directory in app #1 pointing to the app #2 physical directory.  The RadEditor will properly upload the images here.   

I've modified the image src url to point to the proper directory, but I get a 401.3 error when attempting to view the image.  It turns out that the images added by the RadEditor ImageManager do not receive the proper permissions/user (IUSR).  When I manually add the IUSR to the permissions of the image the RadEditor uploads, I'm able to view it with no problem. 

I can drag an image in the same directory manually, and the proper permissions are added from inheritance.  My guess is that inheritance from appp #1 is taking over and applying it's inherited permissions, which do not include IUSR.  If that's true, is there any way to resolve this?

Jeff.

Jeff
Top achievements
Rank 2
Iron
Iron
Veteran
commented on 16 Jun 2022, 12:50 PM

I'm beginning to believe that what we want to accomplish is not possible.

Accessing resources from a Windows authenticated web application, which has Anonymous login disabled, to a Forms authenticated application is proving to be troublesome.  No matter what we do, the proper permissions are not applied, thus a 401 error is received every time.

Are we trying to do something that is impossible?

1 Answer, 1 is accepted

Sort by
0
Accepted
Jeff
Top achievements
Rank 2
Iron
Iron
Veteran
answered on 17 Jun 2022, 10:16 AM

Problem resolved.  Here's a quick explanation for anyone experiencing similar issues.

  • Create physical directory in a drive separate from either application.
  • Create virtual directory in both applications, pointing to the above physical directory.
  • Point the RadEditor ImageManager to this virtual directory.
  • When loading the content in app #2 (the app that does not host the RadEditor), from the IMG SRC attribute in the content, strip out the beginning of the path pointing to the root application name, leaving only the virtual directory folder name:
    • Example:  RadEditor produces this path:  "/App1/VirtualDirectory/FileName.xxx"
    • Modified to:   "VirtualDirectory/FileName.xxx"

  • App #2 now has access to the image.

Thank you, Rumen for all of your suggestions - they eventually led me to this resolution.

 

Rumen
Telerik team
commented on 20 Jun 2022, 10:51 AM

For nothing, Jeff! I will add this scenario to the help, but I am curious to learn how have you stripped the path in this point:

strip out the beginning of the path pointing to the root application name, leaving only the virtual directory folder name?

Was it with a server or client-side code? Can you share it for a reference to your fellow developers! Thanks!

Jeff
Top achievements
Rank 2
Iron
Iron
Veteran
commented on 20 Jun 2022, 11:06 AM | edited

In the application that reads the RadEditor posts, it is driven by a SQL Server View and Stored Procedure.  So I simply modified the view with with a CASE and REPLACE statement:

CASE WHEN CHARINDEX('/App1/VirtualDirectory/', RadEditorContentFieldFromDB) > 0

THEN REPLACE(RadEditorContentFieldFromDB, '/App1/VirtualDirectory/', 'VirtualDirectory/')

ELSE RadEditorContentFieldFromDB 

END AS RadEditorContentFieldFromDB

Rumen
Telerik team
commented on 21 Jun 2022, 02:12 PM

Tags
Editor
Asked by
Jeff
Top achievements
Rank 2
Iron
Iron
Veteran
Answers by
Jeff
Top achievements
Rank 2
Iron
Iron
Veteran
Share this question
or