Hi, I created an asp.net website that wrotes information on an Access DataBase and allow users to upload pdf files. But I have a security error, telling that ASP.NET doesn't have the rights to create de file (but writing in the DB works perfectly).

This is the error message :

Server Error in '/greffe2' Application.
--------------------------------------------------------------------------------

Access to the path '\\platon2\greffe2\09-123\document17.pdf' is denied.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.UnauthorizedAccessException: Access to the path '\\platon2\greffe2\09-123\document17.pdf' is denied.

ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.

To grant ASP.NET access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.


------------------------------------------------------------

I did what it is said (changed the rights of APSNET and Network Servivce) but it still doesn't work. I checked a lot of forums but it looks like when others change those rights it works after that but not me... If you have a solution please help!


thanks

Skullish

Hi,
Before accessing the file, do check that the file is not read only. So that you may access them properly.

very simple error..

go to explorer...find the folder where you are uploading files..

right click on properties & select security and allow all users to write operations ....and next run your application and rest will do just fine....

very simple error..

go to explorer...find the folder where you are uploading files..

right click on properties & select security and allow all users to write operations ....and next run your application and rest will do just fine....

all users too have full rights on all directory and files of my site and it still doesn't work. I also checked my file I want to upload and it isn't in read-only. But all my directories of my site are in read-only and when and try to not have them in read-only, they automaticaly return in read-only. But I don't know if this is the problem, because my App_data folder is in read-only and I can modify my Access DataBase in it.

if you want my code, there it is (sorry, it is in french) :

'Bouton Déposer
    Private Sub btnDeposer_Click(ByVal sender As Object, _
                                 ByVal e As System.EventArgs) _
                                 Handles btnDeposer.Click
        'Si un fichier a été uploadé et si le fichier est un pdf
        If fuParcourir.FileName <> "" AndAlso regValidation.IsValid Then
            Dim strLien As String = CHEMIN_PROJET & SessionVariables.Plumitif & "\" & fuParcourir.FileName  'Chemin du fichier
            Dim dvDocuments As New DataView(SessionVariables.DataSet.Tables("Document"))                'DataView de la table Document
            'On filtre les documents pour vérifier si un document a déjà été déposé avec ce nom
            dvDocuments.RowFilter = "doc_lien ='" & strLien & "'"
            'S'il n'y a pas de document portant ce nom
            If dvDocuments.Count = 0 Then
                With gabObjet
                    Dim colCommandesAUtiliser As New Collection 'Collection des commandes à utiliser lors de la connexion avec la BD
                    Dim intNumeroDocument As Integer            'Numéro automatique du nouveau document
                    Dim strNow As String = Now                  'Date et heure du jour

                    'Définition des paramètres
                    .pDocDate.Value = strNow
                    .pDocLien.Value = strLien
                    .pDocUsager.Value = SessionVariables.NomUtilisateur.ToUpper

                    'Définition des commandes utilisées
                    colCommandesAUtiliser.Add(.CommandeDocument)

                    'Mise à jour de la BD
                    Try
                        .OuvrirConnexion(colCommandesAUtiliser)
                        intNumeroDocument = .AjouterDocument()
                        .FermerConnexion()
                    Catch ex As Exception
                        lblErreur.Text = "Ajout du document dans la base de donnée impossible. Veuillez réessayer plus tard."
                        lblErreur.Visible = True
                        .FermerConnexion()
                        Exit Sub
                    End Try

                    'Mise à jour du DataSet (table Document)
                    Dim drNouvelleLigne As DataRow = SessionVariables.DataSet.Tables("Document").NewRow()   'Nouvelle ligne
                    drNouvelleLigne.Item("doc_no") = intNumeroDocument
                    drNouvelleLigne.Item("doc_date") = strNow
                    drNouvelleLigne.Item("doc_lien") = strLien
                    drNouvelleLigne.Item("doc_usager") = SessionVariables.NomUtilisateur.ToUpper
                    SessionVariables.DataSet.Tables("Document").Rows.Add(drNouvelleLigne)

                    'On copie le fichier sur le réseau
                    fuParcourir.SaveAs(strLien)

                    SessionVariables.DataSet.AcceptChanges()

                    'On avertit les autres usagers de la cause
                    EnvoiMails()
                End With
                Response.Redirect("Plumitif.aspx")
            Else
                lblErreur.Text = "Il existe déjà un document portant ce nom dans le plumitif. " & _
                                 "Veuillez renommer votre document avant de le déposer."
                lblErreur.Visible = True
            End If
        Else
            lblErreur.Text = "Vous devez choisir un fichier valide avant de déposer."
            lblErreur.Visible = True
        End If
    End Sub

If you have any suggestion, please tell.

Skullish

I assume that you are uploading the file to a network share folder '\\platon2\greffe2\09-123\'.

If you are running your ASP.NET application, then you need to have read/write access for the 'YourMachineName\ASPNET' account to the shared folder.

I also assume that you might given access only at folder level and not for sharing permission.

If my assumtion is correct, set set access rights to the folder sharing also.

I'm sorry I'll give more details.
My website is in \\platon2\greffe2\
There are severals folder named like 09-123 created by another application. I want to put uploaded files in these folders. So I changed the NTFS rights for all the files and folders of my site (PLATON2\ASPNET have full rights and Network Service also. Same even for Everyone!) but it didn't help. I tried restarting IIS but it didn't help either.
I don't think the folder containing uploaded files should be shared, so the error must be somewhere else.
Maybe it is because all my folders are in read-only (but I doupt it because it works when I run my application in a local machine...)

any other suggestions?

thanks for trying helping me
Skullish

skullish,
Use ~ root operator. Is your application running under IIS 5/6? If yes then set write permission to that folder for Users group.

1. Create a folder in your root of web application - say 'test'.
2. Write following statements to save a file

Dim filepath as String=MapPath("~/test/" & FileUpload1.FileName)
  FileUpload1.SaveAs(filepath)
This question has already been answered. Start a new discussion instead.