|
|
You're in the
asp.net security
group:ASP.NET and directory security
asp.net security:
Hi all,
I come from a win forms background, and am building a web site that needs to interface to a FOXPRO database (DBF files). My problem is as follows: I have created a virtual directory on the same machine as where the DBF files are located. I have created a share for the DBF files, and I've given the <SERVER>\ASPNET account access to this folder where they are residing. My code to connect to the folder where the DBF files are located is basically as follows: 1. Connect to a DLL which authenticates our users according to <USERNAME>, <PASSWORD> and <DIRECTORY> where the DBF files are. 2. IF the connect is successful, continue processing any queries through Visual FoxPro OLEDB PRovider 8.0 to the data. This works fine if I am testing on the machine locally, i.e the web project is opened on the machine - in this case my development machine - and it connects to the Foxpro Database folder - also on my development machine - successfully. If I try to connect to that same database and project from another machine I get security warning, " the specified file does not exist" . I use System.IO. File.Exists to see if I can access one of the files in the folder specified, but get access denied. What do I need to setup in terms of permissions to access a FOLDER on another machine via asp.net, or what do I need to do? Thanks in advance Q -- Message posted via http://www.dotnetmonster.com
Q,
I want to clarify your situation. 1. You have setup the DBF files on machine creating a shared directory and giving the MACHINE\ASPNET user access to that directory? 2. You are experiencing errors while trying to access that share from an ASP.NET application hosted on a different machine? 3. Are you using a mapped drive (i.e. G:\someshare) or a UNC share (i.e. \\servername\shomeshare) to access the DBF files? One possible solution would be to use a UNC share and take advantage of impersonation (make sure the username and password are the same on machine A and B). http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vsent7/html/vxconImpersonation.asp Your answers to the questions should help shed more light on your situation. Thanks, Todd Casey [quoted text, click to view] "quintesv via DotNetMonster.com" <u26933@uwe> wrote in message news:66dc975d86a6f@uwe... > Hi all, > > I come from a win forms background, and am building a web site that needs > to > interface to a FOXPRO database (DBF files). My problem is as follows: > > I have created a virtual directory on the same machine as where the DBF > files > are located. I have created a share for the DBF files, and I've given the > <SERVER>\ASPNET account access to this folder where they are residing. > > My code to connect to the folder where the DBF files are located is > basically > as follows: > 1. Connect to a DLL which authenticates our users according to <USERNAME>, > <PASSWORD> and <DIRECTORY> where the DBF files are. > 2. IF the connect is successful, continue processing any queries through > Visual FoxPro OLEDB PRovider 8.0 to the data. > > This works fine if I am testing on the machine locally, i.e the web > project > is opened on the machine - in this case my development machine - and it > connects to the Foxpro Database folder - also on my development machine - > successfully. > > If I try to connect to that same database and project from another machine > I > get security warning, " the specified file does not exist" . I use > System.IO. > File.Exists to see if I can access one of the files in the folder > specified, > but get access denied. > > What do I need to setup in terms of permissions to access a FOLDER on > another > machine via asp.net, or what do I need to do? > > Thanks in advance > Q > > -- > Message posted via http://www.dotnetmonster.com >
Hi Todd,
In response to your questions: 1. I have created a shared directory on my development machine, which is also the machine hosting the asp.net application. ASPNET has access to that directory and it works fine if i open the web app via http: //localhost/webapp/page.aspx. 2. I am experiencing problems accessing the share created on my development machine if I connect to the asp.net project -on my development machine- from another PC. Say forexample I am connecting to my machine from a colleagues pc using the url http://quintesv//webapp.page.aspx. Quintesv would have been localhost in (1) above. 3.I am using a UNC to access the files. I am looking at impersonation, but havent been successful yet. I've seen examples using impersonation using logonuser, but i want to be able to use the current users logon information. All users will be accessing this page from an intranet - for now - so using the domain\username should be ok. Or am i wrong? I've tried bool returnValue = LogonUser(@"domain\user", "<PC to access>", "<Password>", LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref tokenHandle); but it says invalid user name or password. Thats where I am right now.. [quoted text, click to view] Todd Casey wrote: >Q, > >I want to clarify your situation. > >1. You have setup the DBF files on machine creating a shared directory and >giving the MACHINE\ASPNET user access to that directory? > >2. You are experiencing errors while trying to access that share from an >ASP.NET application hosted on a different machine? > >3. Are you using a mapped drive (i.e. G:\someshare) or a UNC share (i.e. >\\servername\shomeshare) to access the DBF files? > >One possible solution would be to use a UNC share and take advantage of >impersonation (make sure the username and password are the same on machine A >and B). > >http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vsent7/html/vxconImpersonation.asp > >Your answers to the questions should help shed more light on your situation. > >Thanks, > >Todd Casey > >> Hi all, >> >[quoted text clipped - 35 lines] >> Thanks in advance >> Q -- Message posted via DotNetMonster.com http://www.dotnetmonster.com/Uwe/Forums.aspx/asp-net-security/200609/1
Q,
You might possibly want to look into using programmatic impersonation. http://west-wind.com/weblog/posts/1572.aspx If you have the files in the a shared directory, the share permissions have the ASPNET user with the correct permissions, and you are accessing the files via UNC you should be set. Although, it looks like you are trying to perform some additional logic to authenticate the user beyond what I described above. Are all of the users part of a domain? If all users are part of the same domain then why not use "Windows Integrated Security" and disable anonymous access in IIS? Are you also wanting to use the user's credentials as part of the OLEDB connection string? You said that this is working on your machine but not on your colleagues machine. Are you using the same username/password when you are attempting to login on your dev and your colleagues pc? If you are not part of a domain then does the account that you are trying to use to login as exist on your development machine? When you say that you are connecting to the asp.net project on your machine from a colleagues pc do you mean opening the site in a browser or opening the project in VS using the remote site option? Todd Casey [quoted text, click to view] "quintesv via DotNetMonster.com" <u26933@uwe> wrote in message news:66e79834ab98e@uwe... > Hi Todd, > > In response to your questions: > > 1. I have created a shared directory on my development machine, which is > also > the machine hosting the asp.net application. ASPNET has access to that > directory and it works fine if i open the web app via http: > //localhost/webapp/page.aspx. > > 2. I am experiencing problems accessing the share created on my > development > machine if I connect to the asp.net project -on my development machine- > from > another PC. Say forexample I am connecting to my machine from a colleagues > pc > using the url http://quintesv//webapp.page.aspx. Quintesv would have been > localhost in (1) above. > > 3.I am using a UNC to access the files. I am looking at impersonation, but > havent been successful yet. > > I've seen examples using impersonation using logonuser, but i want to be > able > to use the current users logon information. All users will be accessing > this > page from an intranet - for now - so using the domain\username should be > ok. > Or am i wrong? > > I've tried > > bool returnValue = LogonUser(@"domain\user", "<PC to access>", > "<Password>", > LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, > ref tokenHandle); > > but it says invalid user name or password. > > Thats where I am right now.. > > > Todd Casey wrote: >>Q, >> >>I want to clarify your situation. >> >>1. You have setup the DBF files on machine creating a shared directory and >>giving the MACHINE\ASPNET user access to that directory? >> >>2. You are experiencing errors while trying to access that share from an >>ASP.NET application hosted on a different machine? >> >>3. Are you using a mapped drive (i.e. G:\someshare) or a UNC share (i.e. >>\\servername\shomeshare) to access the DBF files? >> >>One possible solution would be to use a UNC share and take advantage of >>impersonation (make sure the username and password are the same on machine >>A >>and B). >> >>http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vsent7/html/vxconImpersonation.asp >> >>Your answers to the questions should help shed more light on your >>situation. >> >>Thanks, >> >>Todd Casey >> >>> Hi all, >>> >>[quoted text clipped - 35 lines] >>> Thanks in advance >>> Q > > -- > Message posted via DotNetMonster.com > http://www.dotnetmonster.com/Uwe/Forums.aspx/asp-net-security/200609/1 >
Don't see what you're looking for? Try a search.
|
July 2003
August 2003
September 2003
October 2003
November 2003
December 2003
January 2004
February 2004
March 2004
April 2004
May 2004
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
December 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
November 2006
December 2006
January 2007
February 2007
March 2007
April 2007
May 2007
June 2007
July 2007
August 2007
September 2007
October 2007
November 2007
December 2007
January 2008
February 2008
March 2008
April 2008
May 2008
June 2008
| home · blog · groups | Questions? Comments? Contact the dn |