Re: System.UnauthorizedAccessException: Access is denied

• Previous message: Greg Burns: "Re: Login failed for user '(null)'. Reason: Not associated with a trus"
• In reply to: Efi: "System.UnauthorizedAccessException: Access is denied"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 2 Sep 2004 08:27:11 -0500

ASPNET account is local to the web server machine and normally it is not a
domain account. Granting permission to the ASPNET account may not bring any
good because it has no permission outside the box.

Are you implementing Windows Integrated Authentication? If so, you can turn
the impersonation to true (i.e. use the original callers domain account) in
code before calling the COM+ component and turn it back to false by using
Undo method. You can also trun the impersonation to true at all time but it
really depends on the architecture of the application.

If you are not using the Windows Integrated Authentication, you can
impersonate a specific user with their username and password. Look at this
article on how to do it--
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT01.asp

A lot more can be said but it's hard to comment w/o knowing the architecture
of the asp.net application.

Prodip

"Efi" <Efi@discussions.microsoft.com> wrote in message
news:CDA0A038-24E8-4D31-A7FC-D7029CE0000B@microsoft.com...
> Hi,
> We have a simple 3 tier application which its core application is VC++ 6.0
> ATL COM running as a server application in the COM+. An asp pipe is in
charge
> of handling the requests and passes it to the COM for processing.
>
> We are now trying to migrate the asp pipe to Asp.Net (C#).
>
> When running the above configuration with Asp.Net on IIS 5.0 (W2K) we have
> no problems but when trying the do it on IIS 6.0 (W2K3) we are getting the
> following error which is basically access denied error on the line that
tries
> to create the COM instancing.
> Access is denied.
> Description: An unhandled exception occurred during the execution of the
> current web request. Please review the stack trace for more information
about
> the error and where it originated in the code.
>
> Exception Details: System.UnauthorizedAccessException: Access is denied.
>
> ASP.NET is not authorized to access the requested resource. Consider
> granting access rights to the resource to the ASP.NET request identity.
> ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5
or
> Network Service on IIS 6) that is used if the application is not
> impersonating. If the application is impersonating via <identity
> impersonate="true"/>, the identity will be the anonymous user (typically
> IUSR_MACHINENAME) or the authenticated request user.
>
> To grant ASP.NET write access to a file, right-click the file in Explorer,
> choose "Properties" and select the Security tab. Click "Add" to add the
> appropriate user or group. Highlight the ASP.NET account, and check the
boxes
> for the desired access.
>
> Source Error:
> An unhandled exception was generated during the execution of the current
web
> request. Information regarding the origin and location of the exception
can
> be identified using the exception stack trace below.
>
> Stack Trace:
>
> [UnauthorizedAccessException: Access is denied.]
> BurstingPipe.Net.WebForm1.Page_Load(Object sender, EventArgs e) in
> d:\burstingweb\burstingpipe.net\adserverpipe.aspx.cs:160
> System.Web.UI.Control.OnLoad(EventArgs e) +67
> System.Web.UI.Control.LoadRecursive() +35
> System.Web.UI.Page.ProcessRequestMain() +731
>
> I've tried to set permissions (ASPNET and Network Service) on files and in
> the COM+ (Launching permissions).
>
> Help Please!!!
>
> Thanks,
>
> Efi

• Previous message: Greg Burns: "Re: Login failed for user '(null)'. Reason: Not associated with a trus"
• In reply to: Efi: "System.UnauthorizedAccessException: Access is denied"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]