8

I've inherited a new project. The website (MVC.NET) is referencing a file location on the Windows 2012 server (it appears to be hard coded) but the file is not in the same directory as the website.

Part of the code copies a file from one location to another using File.Copy but this is causing an exception.

Apparently it was working yesterday and today it isn't. The website is down and as such I'm looking to resolve it.

The error message from the browser is

Access to the path 'C:\Websites\Website\Content\Images\Uploads\Certificate 1.jpg' is denied.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.UnauthorizedAccessException: Access to the path 'C:\Websites\Website\Content\Images\Uploads\Certificate 1.jpg' is denied.

ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6 and IIS 7, and the configured application pool identity on IIS 7.5) that is used if the application is not impersonating. If the application is impersonating via , the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.

To grant ASP.NET access to a file, right-click the file in File Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.

The easiest way to fix this (as a temporary fix just to get the website up and running) I thought was to give full permissions to that folder, meaning adding Everyone with full permission. It didn't work. I'm not curious as to why.

I'm aware of the risks this has but my question is why this doesn't work. Why do I still see the same error message?

I can RDP into the server and access the file without issue. As such, I don't believe this is a server issue (for ServerFault or SuperUser).

I suspect it's a protection thing in .NET. In the same way (if I remember right) we had to set special permissions in IIS to allow parent paths in ASP.

What do I need to do?

Edit

I've uploaded the website to another server and the same issue persists, suggesting the fault is not anything to do with the computer but more due to .NET or IIS

IIS is set to use Integrated Managed Pipe (not classic) and I've tried adding permission for NETWORK SERVICE and IUSR.

MyDaftQuestions
  • 4,487
  • 17
  • 63
  • 120

2 Answers2

4

The solution was odd... I don't understand the why/how but I understand the what. I have no idea if this will help others, but I've posted the answer regardless

The application allows pictures to be uploaded, which are stored in 

C:\someUploads

When the website is loaded, it copies the files from C:\someUploads to the website path as shown in the original post.

This is where the issue was occurring. I removed all the images in the website path (as shown in the original post) and restarted the website and it just worked, copying all the files in as expected. I closed the website, restarted IIS and the app pool (recycle) and it's still working.

MyDaftQuestions
  • 4,487
  • 17
  • 63
  • 120
  • Most likely there were permission issues on the files you deleted. Sometimes, you have to reset and own all permissions on files before you can properly write new 'ALLOW' permissions as 'DENY' permissions take precedence. – Chibueze Opata May 23 '17 at 10:30
1

Check the folder exists in Web.config and include

<add key="filePath" value="C:\Websites\Website\Content\Images\Uploads\" />

and check the folder path of IIS Server location.

Oliver
  • 9,239
  • 9
  • 69
  • 100
jeremylee
  • 21
  • 1
  • 3