0

I am getting error's saying

Exception Details: System.UnauthorizedAccessException: Access to the path 'E:\web\aawebapp\Content\events\events.json' is denied.

ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6 and IIS 7, and the configured application pool identity on IIS 7.5) that is used if the application is not impersonating. If the application is impersonating via , the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.

To grant ASP.NET access to a file, right-click the file in File Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.

Where this happens is in the Controller when I try to do the following.

string eventspathway = 
HostingEnvironment.MapPath(@"~/Content/events/events.json");

System.IO.File.WriteAllText(eventspathway, newtext);

When I am running on localhost/debug this works fine, but does not work when webdeployed and thus spews out all the errors above.

Austin
  • 3,010
  • 23
  • 62
  • 97

1 Answers1

0

What's hard to understand here? That exception means exactly what it says.

Your web app runs in an IIS worker process (w3wp.exe — "world-wide web worker process", get it?) called an app pool (application pool). That process runs under an account. Any process running under those credentials won't be able to read (or write) to a path for which it lacks the prerequisite permissions.

You (or your system adminstrators) need to grant the app pool identity under which your app is running sufficient permissions to do what it needs to do. Or you need to find a place to park your data where your app pool identity has sufficient permissions.

Another alternative — not recommended for a production system! — would be to run the app pool under the local system account.

For more information, see

Community
  • 1
  • 1
Nicholas Carey
  • 71,308
  • 16
  • 93
  • 135
  • Would that have different privileges than App_Data? I am able to read/write from there. I also store images, scripts, css, and more all in my Content folder (where this .json is)..so I guess I don't know how to change permissions for this specific file? – Austin Jul 29 '14 at 17:18
  • You need to look at it. I'm pretty sure the app pool identity only has read permissions on the web app's directories with the exception of app_data. Anything else would be a security risk: do you really want the people who crack your site to be able to...improve...your source files and content for you? – Nicholas Carey Jul 29 '14 at 17:25
  • That makes sense...I guess on an off-topic note since I couldn't find anything, is there any way to have AJAX reach my applications App_Data? I have tried using url: `App_Data/events.json`, but it returns a `HTTP Error 404.8 - Not Found` saying it is hidden for security purposes. Is there a way to open an exception? – Austin Jul 29 '14 at 17:37