I have a test page with nothing more than an AsyncUpload control. I created a folder within the web site called "files".
I set the path within the control to save files into this folder on postback. I added a button to accomplish postback.
I am getting an ASP.Net error:
[start error]
Access to the path is denied.
Description:
An unhandled exception occurred during the execution of the current web
request. Please review the stack trace for more information about the error and
where it originated in the code.
Exception Details:
System.UnauthorizedAccessException: Access to the path is denied.
ASP.NET is not authorized to access the requested resource. Consider
granting access rights to the resource to the ASP.NET request identity. ASP.NET
has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network
Service on IIS 6 and IIS 7, and the configured application pool identity on IIS
7.5) that is used if the application is not impersonating. If the application is
impersonating via <identity impersonate="true"/>, the identity will be the
anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.
To grant ASP.NET access to a file, right-click the file in Explorer,
choose "Properties" and select the Security tab. Click "Add" to add the
appropriate user or group. Highlight the ASP.NET account, and check the boxes
for the desired access.
Source Error:
An unhandled exception was generated during the execution of the
current web request. Information regarding the origin and location of the
exception can be identified using the exception stack trace below.
|
Stack Trace:
[UnauthorizedAccessException: Access to the path is denied.]
System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) +9717727
System.IO.__Error.WinIOError() +33
System.IO.File.Move(String sourceFileName, String destFileName) +258
Telerik.Web.UI.AsyncUploadedFile.SaveAs(String fileName, Boolean overwrite) +50
Telerik.Web.UI.RadAsyncUpload.RaisePostDataChangedEvent() +299
Telerik.Web.UI.RadWebControl.System.Web.UI.IPostBackDataHandler.RaisePostDataChangedEvent() +10
System.Web.UI.Page.RaiseChangedEvents() +134
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +5201
|
[end error]
I've tried to to change the "files" folder permissions to "Everyone" and great full permissions but it still fails.
Does anyone have any suggestions?
Thanks,
Joe
[Update]
I solved the issue by adding this line to the web.config
<identity impersonate="true" />
So my question is this? Is that a real security risk by doing so???