Passing credentials to File.Move() in ASP.NET 4.0 & IIS7

Question

I have an asp.net web application running on IIS7 with it's AppPool Identity set as "NETWORK SERVICE" and Managed Pipeline Mode = Classic.

The web.config contains the following security settings...

<system.web>
    <identity impersonate="true"/>
    <authentication mode="Windows" />
</system.web>

The web app downloads data from a 3rd party and creates file(s) on the web app server. These files are then transferred to another server via this command.

  System.IO.File.Move(sourcePathAndFilename, destinationPathAndFileName);

When I run the app from the server as a high level user it works fine. When I run the app as any user from a client machine it fails. When I run the app as a low level authorized user from the server it fails.

The error is HTTP 401 unauthorized access.

I'm 100% sure users & NETWORK SERVICE have sufficient rights on both source and destination folders. So, it seems the File.Move() command is being executed as something else, but who/what?

Without changing the AppPool settings is there a way for the web app to pass through the user credentials to the File.Move() command?

Answer 1

You can find a great implementation of what you need in this question

after adding a specific class with a using statment you can do your File.Move

just with

using (new NetworkConnection(@"\\server\path", Credentials)) {
   System.IO.File.Move(sourcePathAndFilename, destinationPathAndFileName);
}