Re: DPAPI Enterprise Services Example

From: Paul Glavich [MVP - ASP.NET] (glav_at_aspalliance.com-NOSPAM)
Date: 08/24/04 

Date: Tue, 24 Aug 2004 21:55:34 +1000

Sorry, correction to my last post, the path to the directory is :-
\Documents and Settings\All Users\Application Data\Microsoft\Crypto

or even just

\Documents and Settings\All Users\Application
Data\Microsoft\Crypto\RSA\MachineKeys

I think may do the trick. 

-- 
- Paul Glavich
Microsoft MVP - ASP.NET
"Paul Glavich [MVP - ASP.NET]" <glav@aspalliance.com-NOSPAM> wrote in
message news:echdn5ciEHA.3428@TK2MSFTNGP11.phx.gbl...
> Looks like you are using a ServicedComponent in COM+? That may complicate
> things a little but you may need to give read/write access to whichever
user
> you are running under (might be ASPNET, NETWORK SERVICE, or the defined
> identity in COM+) to your "\Document And
> Settings\{user}\ApplicationData\Crypto" directory.
>
> -- 
> - Paul Glavich
> Microsoft MVP - ASP.NET
>
>
> "Bill Heckle" <billheckle.spam@hotmail.com> wrote in message
> news:D0CD2FDF-F29C-46E4-955A-5665AFE9603A@microsoft.com...
> > I am trying to work through the sample from msdn, "How To Use DPAPI
(User
> > Store) from ASP.NET with Enterprise Services". I thought I had
everything
> > configured correctly. I tried to test the service and get the following
> > error.(Sorry for encluding every line). I am confused as to what setting
> is
> > incorrectly set. Additionally, the paragraph on giving asp.net access
> doesn't
> > help me at all. Thanks for help, as I don't want to keep thrashing
about.
> Any
> > advice on where to read more about security in general is appreciated.
> >
> > Exception Details: System.UnauthorizedAccessException: Access is denied.
> > ASP.NET is not authorized to access the requested resource. Consider
> > granting access rights to the resource to the ASP.NET request identity.
> > ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5
> or
> > Network Service on IIS 6) that is used if the application is not
> > impersonating. If the application is impersonating via <identity
> > impersonate="true"/>, the identity will be the anonymous user (typically
> > IUSR_MACHINENAME) or the authenticated request user.
> >
> > To grant ASP.NET write access to a file, right-click the file in
Explorer,
> > choose "Properties" and select the Security tab. Click "Add" to add the
> > appropriate user or group. Highlight the ASP.NET account, and check the
> boxes
> > for the desired access.
> >
> > Source Error:
> > Line 59: private void btnEncrypt_Click(object sender, System.EventArgs
e)
> > Line 60: {
> > Line 61: DataProtectorComp dp = new DataProtectorComp();
> > Line 62: try
> > Line 63: {
> >
> > Source File: c:\documents and
> > settings\bill\vswebcache\billfun\dpapiweb\webform1.aspx.cs    Line: 61
> >
> > Stack Trace:
> >
> > [UnauthorizedAccessException: Access is denied.]
> >    System.Runtime.InteropServices.Marshal.ThrowExceptionForHR(Int32
> > errorCode, IntPtr errorInfo) +0
> >    System.EnterpriseServices.Thunk.Proxy.CoCreateObject(Type serverType,
> > Boolean bQuerySCInfo, Boolean& bIsAnotherProcess, String& uri) +581
> >
> >
>
System.EnterpriseServices.ServicedComponentProxyAttribute.CreateInstance(Typ
> e
> > serverType) +181
> >
> >
>
System.Runtime.Remoting.Activation.ActivationServices.IsCurrentContextOK(Typ
> e
> > serverType, Object[] props, Boolean bNewObj) +74
> >    DPAPIWeb.WebForm1.btnEncrypt_Click(Object sender, EventArgs e) in
> > c:\documents and settings\bill
> > heckle\vswebcache\billfun\dpapiweb\webform1.aspx.cs:61
> >    System.Web.UI.WebControls.Button.OnClick(EventArgs e) +108
> >
> >
>
System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePo
> stBackEvent(String eventArgument) +57
> >    System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler
> > sourceControl, String eventArgument) +18
> >    System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData)
+33
> >    System.Web.UI.Page.ProcessRequestMain() +1277
> >
> >
> >
> >
>
>