2

I am trying to delete and rebuild an encrypted password file. I am able to create the file and add usernames and encrypted passwords if I run the commands manually on the server within a command window. But I get nothing if I try to run this code from within my C# web api controller. The delete line works, but the first Process.Start line fails, and it never makes it to my while loop.

            System.IO.StreamReader pass2 = new System.IO.StreamReader(pass);

            File.Delete("C:\\inetpub\\wwwroot\\password\passMD5.txt");

            Process.Start("C:\\inetpub\\htpasswd.exe -bc C:\\inetpub\\wwwroot\\password\\passMD5.txt sm88555 sm88999");

            while ((line = pass2.ReadLine()) != null)
            {                    
                un = line.Substring(0, 6);
                pw = line.Substring(7, 6);                   
                Process.Start("C:\\inetpub\\htpasswd.exe -b C:\\inetpub\\wwwroot\\password\\passMD5.txt " + un + " " + pw);
            }

            pass2.Close();
Austin Harris
  • 5,150
  • 6
  • 26
  • 39
  • Are there any exceptions? try adding a try catch block on process.start and see what exception it throws – User2012384 Nov 17 '15 at 03:15
  • A possible duplicate http://stackoverflow.com/questions/8061362/starting-a-process-from-asp-net-why-does-the-process-immediately-die – Kosala W Nov 17 '15 at 03:23
  • This might help... http://stackoverflow.com/questions/14896057/mvc4-webapi-process-launcher – Mick Nov 17 '15 at 03:25
  • 1
    I have to say this is pretty bizarre code... why would you be using apache httpasswd to store user names and passwords? There are so many .NET native alternative options – Mick Nov 17 '15 at 03:29
  • I have to build an apahce httpasswd file because it is the only way I know how to protect a directory from direct access on the web. There is an windows server / apache plugin called APE that I am trying to use. I wish there was a better way to restrict access to a folder of video content but I don't know how to do that with IIS or an ASP.NET web api. I know how to allow users to login to my application but not how to prevent someone from just accessing a folder inside the site bypassing the ASP.NET security. – Austin Harris Nov 17 '15 at 03:48

0 Answers0