Upload fails to transfer file to specified folder

5 posts, 0 answers
  1. Joe
    Joe avatar
    51 posts
    Member since:
    Oct 2008

    Posted 01 Sep 2011 Link to this post

    I have a test page with nothing more than an AsyncUpload control. I created a folder within the web site called "files".
    I set the path within the control to save files into this folder on postback. I added a button to accomplish postback.

    I am getting an ASP.Net error: 

    [start error]

    Access to the path is denied.

    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

    Exception Details: System.UnauthorizedAccessException: Access to the path is denied.

    ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6 and IIS 7, and the configured application pool identity on IIS 7.5) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.

    To grant ASP.NET access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.

    Source Error:

    An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

    Stack Trace: 

    [UnauthorizedAccessException: Access to the path is denied.]
   System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) +9717727
   System.IO.__Error.WinIOError() +33
   System.IO.File.Move(String sourceFileName, String destFileName) +258
   Telerik.Web.UI.AsyncUploadedFile.SaveAs(String fileName, Boolean overwrite) +50
   Telerik.Web.UI.RadAsyncUpload.RaisePostDataChangedEvent() +299
   Telerik.Web.UI.RadWebControl.System.Web.UI.IPostBackDataHandler.RaisePostDataChangedEvent() +10
   System.Web.UI.Page.RaiseChangedEvents() +134
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +5201
    [end error]

    I've tried to to change the "files" folder permissions to "Everyone" and great full permissions but it still fails.

    Does anyone have any suggestions?

    Thanks,
    Joe

    [Update]

    I solved the issue by adding this line to the web.config

    <identity impersonate="true" />

    So my question is this? Is that a real security risk by doing so???
  2.
  3. Genady Sergeev
    Admin
    Genady Sergeev avatar
    1600 posts

    Posted 06 Sep 2011 Link to this post

    Hello Joe,

    There is no security risk using impersonation in this case.  ASP.NET impersonates the token passed to it by IIS, which is either an authenticated user or the anonymous Internet user account (IUSR_machinename).

    Best wishes,
    Genady Sergeev
    the Telerik team

    Thank you for being the most amazing .NET community! Your unfailing support is what helps us charge forward! We'd appreciate your vote for Telerik in this year's DevProConnections Awards. We are competing in mind-blowing 20 categories and every vote counts! VOTE for Telerik NOW >>

  5. Sheeraz
    Sheeraz avatar
    27 posts
    Member since:
    Nov 2012

    Posted 11 Feb 2013 Link to this post

    Dear Genady Sergeev

    I am facing the same problem.
    Please guide me the settings, with hit and trial my purpose is getting serverd but I am not getting the behavior of RadAsynUpload Control.

    Senario:

    I am developing an intra-net web application.
    Users have domain logins.
    I am using basic authenticaion.
    I have a separate app pool for my application.
    I want to upload documents on the same machine's (D:\ derive) on which my application is deployed.
    My app pool is currently running under Network Service identity.

    Please guide me setting with any sample.

    Regards
    Sheeraz Raza
  7. Hristo Valyavicharski
    Admin
    Hristo Valyavicharski avatar
    975 posts

    Posted 14 Feb 2013 Link to this post

    Hi Sheeraz,

    in order to give write permissions to your application be sure that it run under Application Pool with Identity that has write permission to this folder. In your case make sure that Network Service can write to D:\Derive.

    Please refer to these links for additional information:

    Application Pool Identities

    Specify an Identity for an Application Pool (IIS 7)

    Greetings,
    Hristo Valyavicharski
    the Telerik team
    If you want to get updates on new releases, tips and tricks and sneak peeks at our product labs directly from the developers working on the RadControls for ASP.NET AJAX, subscribe to their blog feed now.
  9. Suthish
    Suthish avatar
    7 posts
    Member since:
    Feb 2013

    Posted 21 Feb 2013 Link to this post

    Did you tried adding asp.net account and give full rights?

    Also refer this thread.
Back to Top