1

My code works locally, but not when I deploy to my web server. It says, "Permission Denied," when trying to access the wkhtmltopdf.exe file. I am using the Codaxy Wrapper. 

WkHtmlToPdfPath = HttpContext.Current.Server.MapPath(@"~/wkhtmltopdf/wkhtmltopdf.exe"),

Could I change that to using a DLL or something? How can I make this work on the server like it works locally?

Christian Stewart
  • 15,217
  • 20
  • 82
  • 139
user1477388
  • 20,790
  • 32
  • 144
  • 264
  • 1
    Check [this SO link](http://stackoverflow.com/questions/1331926/calling-wkhtmltopdf-to-generate-pdf-from-html/1698839) – dan radu Mar 08 '13 at 01:57
  • This smells like a UAC or even generic permissions thing. – Jeremy Holovacs Mar 08 '13 at 01:57
  • Did you try adding Network Service user and gave it Full Control? – Jobert Enamno Mar 08 '13 at 01:59
  • It is never a good idea to have your web server kick off a new process. – Sam Axe Mar 08 '13 at 02:05
  • Dup of one suggested by dan radu. Note that linked answers also cover security issues brought by Dan-o. – Alexei Levenkov Mar 08 '13 at 02:08
  • wkhtmltopdf has to be invoked as different process. Its hard its slow. Try ITextSharp. You can get it from nuget. Its very easy to use and does all the required stuff. – om471987 Mar 08 '13 at 02:32
  • @WYSIWYG The problem with ITextSharp is that it is pretty bad at rendering HTML. I have to use their markup... which doesn't seem to have any documentation that I could find... – user1477388 Mar 08 '13 at 13:51
  • **Isn't there a wkhtmltopdf .DLL? I thought I saw one. How can I convert my code to using it instead of the .EXE?** – user1477388 Mar 08 '13 at 15:28
  • To my own point, I've found this https://code.google.com/p/wkhtmltopdf/issues/detail?id=319 and will look into it soon... – user1477388 Mar 08 '13 at 15:50
  • Feel like I almost got it... Now, I get an error that says, "The directory name is invalid" I am using the code from http://stackoverflow.com/a/3683756/1477388 – user1477388 Mar 08 '13 at 23:53
  • Okay, I was doing something wrong, now (still doing SOMETHING) wrong, I get this error `Value cannot be null. Parameter name: fileContents` – user1477388 Mar 09 '13 at 12:17

1 Answers1

4

You need to grant execute access on the .exe file to the user IIS is going to use to access the file, most likely the app pool identity or in IIS 6 the IIS_WPG user.

user247702
  • 23,641
  • 15
  • 110
  • 157
tessi
  • 179
  • 1
  • 4
  • How can I grant the user access? Is this done via VS 2010 or my web control panel? I am on a shared server. Thanks for your help. – user1477388 Mar 08 '13 at 23:36
  • This did work for solving the problem. But, I have a new problem, for which I will open a new question, if need be... Thanks! (`Value cannot be null. Parameter name: fileContents`) – user1477388 Mar 09 '13 at 12:19
  • In reply to "How can I grant the user access? Is this done via VS 2010 or my web control panel? I am on a shared server. Thanks for your help. – user1477388 2 days ago" You need to assign the permission on the file system. e.g. if the file is located at C:\Program Files\7-Zip\7z.exe you need to navigate windows explorer to the c:\Program Files\7-Zip\ folder, right click on the 7z.exe file and adjust the security settings bu adding the iis app pool identity user. – tessi Mar 11 '13 at 02:22
  • If you are uncertain of the app pool user, go into IIS --> application pools, right click the relevant pool go into advanced settings and check the identity user. – tessi Mar 11 '13 at 02:25
  • RE: This did work for solving the problem. But, I have a new problem, for which I will open a new question, if need be... Thanks! (Value cannot be null. Parameter name: fileContents) – user1477388 yesterday Can you provide any more details on that? If I got that error I would be debugging line by line as close to where the error is thrown as possible and adding watches to the file contents parameter for the object. – tessi Mar 11 '13 at 02:27
  • I fixed that as well. I had to grant read and write permissions to my root for the network user. Not sure of the security implications... – user1477388 Mar 11 '13 at 13:07
  • 2
    Sorry, super slow reply. Granting access to the .exe is done in windows explorer. right click the .exe, --> properties --> security. – tessi Mar 25 '13 at 22:38
  • So do you think there are security issues with this approach ("... grant read and write permissions to my root")? – user1477388 Mar 26 '13 at 12:57
  • 1
    I would say any elevation of privileges does create the potential for security issues. However we must issue at least the bare minimum ACLs or else our application will get access denied type errors. To run an .exe execute permission is needed. Write permission if not needed. However, the .exe itself may be carrying out a write operation, in that even then write permissions will be needed on the directories .exe writes to. – tessi Apr 02 '13 at 02:32