Security :: Site Needs To Access File Across A Workgroup?

Oct 21, 2010

I have an ASP.net 2.0 website that sits on a Windows XP SP3 box on IIS 5.1. The website needs to go across a UNC path to another server to grab an image file. Both boxes are in the same workgroup but no domain is setup. I have created the same user on both boxes with the same password and the website is using anonymous access using that account. The account is an admin on both boxes(i know security risk but this is for testing). File.Exists() just keeps returning false but the file is there. I suspect it has something to do with the ASPNET account but i'm at a loss. I've tried aspnet impersonation using that account as well with no luck.

View 4 Replies


Similar Messages:

File.OpenRead() Accesses File On Share Within Workgroup But Not A Remote Share?

Mar 4, 2011

I have an ASP.NET MVC application that attempts to read a file in using a filestream and File.OpenRead().
When the path to the file is a share on the same workgroup, and I give access to NETWORK SERVICE for the share, this works perfectly as desired.

However, when the path to the share is a UNC path to a remote share within the LAN, with read permissions open for "Everyone", the "File.OpenRead()" method throws an exception saying "Could not find a part of the path".

In my test cases I'm debugging locally with the ASP.NET MVC app being given a UNC path to the computer that it's actually running on. It's a share on my C drive, being "Shared" with permissions to "Everyone" for read access.

Is there something in IIS that needs to be configured? If I try to impersonate, in this context, the impersonation doesn't matter because NETWORK SERVICE was the user trying to access the files when it worked for a share in the same workgroup.

View 2 Replies

Security :: How To Allow Users Out Of The Domain To Access Site

Jun 29, 2010

Currently in my application using LDAP to authenticate user to a specific domain & then i check if the user exist in my site database.

Now i need to also allow users who do not belong to this specific LDAP domain to access my site ..How can i make it possible withoput affecting the exisiting users?

View 1 Replies

Security :: Get The Number Of User Which Access To The Site?

Oct 31, 2010

i want to know the number of users wich access to my site and show it

View 4 Replies

Site Security/Access Management For Mvc Application

Mar 25, 2010

I am trying to find a good pattern to use for user access validation.

Basically on a webforms application I had a framework which used user roles to define access, ie, users were assigned into roles, and "pages" were granted access to a page. I had a table in the database with all the pages listed in it. Pages could have child pages that got their access inherited from the parent.

When defining access, I assigned the roles access to the pages. Users in the role then had access to the pages. It is fairly simple to manage as well. The way I implemented this was on a base class that every page inherited. On pageload/init I would check the page url and validate access and act appropriately.

However I am now working on a MVC application and need to implement something similar, however I can't find a good way to make my previous solution work. Purely because I don't have static pages as url paths. Also I am not sure how best to approach this as I now have controllers rather then aspx pages.

I have looked at the MVCSitemapprovider, but that does not work off a database, it needs a sitemap file. I need control of changing user persmissions on the fly.

View 2 Replies

Security :: Restrict Access To Site From Outside Office?

Nov 9, 2010

I am faced with a rather tricky issue. I am developing a web application that resides beneath a web site. The web application is actually meant for the employees of the company owning the web site. The employees can access the web app from the login facility on the site.

The situation demands that an employee must be able to login to the app only from the office machines and not from anywhere outside. I thought of a logic where in the IP address of the machine in which the employee sits will be stored against the employee profile and when he logs in, the authentication will check for user credentials as well as whether he is logging from the designated IP. If not he is not allowed access to the app even if the login credentials where correct.

I am not sure if this is a good way, because I feel tricky persons can give the same IP of the office machine in another machine, say at home and the logic is broken. Can somebody provide me a better way of solving the issue. I am using ASP.Net login control for user login.

View 3 Replies

How To Implement Security For MVC Site To Deny Access To A Particular Group

Dec 8, 2010

I have an internal corporate ASP.NET MVC website.

Requirement(1): When any person is on the network, they can access this site EXCEPT one AD Group (Example: AD_Sales group).

Requirement(2): Also like for example if a person that has the access passes a url (Ex: http://mysite/Home/Index/Product/Letter) to a sales group person, he still should NOT access and need to display a custom message saying "You are not authorised to view this page".

If the scenario is like to issue the access to one AD Group and deny access for all others, it is fairly is. It can done from IIS. I am Wondering how to do this.

View 2 Replies

Web Forms :: Need To Access The Site Map File?

Dec 10, 2010

1. I need to access the Site map File.

2. without webconfig file!

3. For ex: Admin,User

If admin Login all Menu will be visible

If user Login Limited menu Will be vislble.how to do that ,

View 1 Replies

Security :: Some Users Are Unable To Access My Internet Site With Windows Authentication?

Oct 15, 2010

I have an intranet site that i set up to windows authentication. It works fine most of the time but some departments wont be able to access the site and will be asked to enter user name and password.I checked their Active Directory account and the only difference i could see was that the organizational unit parameter was different than the rest of the users.

View 5 Replies

Security :: Why Access Files Inside A Forms Authenticated Part Of Site

Aug 18, 2010

Why can I still access files inside a forms authenticated part of my site? Any webpages say that you need to login to view them, but people can still access images by typing in the address bar. I am using forms authentication with my own database, so none of the aspnetdb services like membership roles etc. Is this a bad way to do things because I'm pretty deep into it now and it would be very difficult to change.

View 16 Replies

Security :: Read Xml File From A Secure Site?

Feb 8, 2010

I don't think the site has a web service available, so I need to pass the login credentials and read the xml file (e.g.https://www.somesite.com/needthisfile.xml). What do I use to do this?

View 1 Replies

Security :: Export List Of Users From Site Membership To Xls File

Jan 8, 2011

I have the requirement to export all my users and custom profile properties to an excell spreadsheet but i can find a way to do it. I have found several exampls of how to export the Profile information eg(

UserName
Email
PasswordQuestion
Comment
IsApproved
IsLockedOut
LastLockoutDate
CreationDate
LastLoginDate
LastActivityDate
LastPasswordChangedDate
IsOnline
ProviderName
)

but i can't see a way to export the following info for example;

<profile enabled="true" defaultProvider="AccessProfileProvider">
<providers>
<add name="AccessProfileProvider" type="AccessProviders.AccessProfileProvider" connectionStringName="ProfileAccessProvider" applicationName="MandS_2010" description="Stores and retrieves profile data from an personal Access database."/>
</providers>
<properties>
<group name="SupplierProfile">
<add name="CompanyName" type="String"/>
<add name="HoldingCompany" type="String"/>
<add name="Address" type="String"/>
<add name="Telephone" type="String"/>
<add name="Fax" type="String"/>
<add name="TypeOfSupplier" type="String"/>
<add name="DirectSupplierCode" type="String"/>
<add name="Alist" type="String"/>
<add name="otherCode" type="String"/>
</group>

View 1 Replies

Security :: Restrict Access To File .wmv?

Oct 13, 2010

I want to secure a particular set of files in a folder by role type. I have the following entry (See below)...I notice this doesn't work (I.e., it doesn't secure the file by Role Type.. anyone can access the file). I've read that I need to map the .WMV extension to the ASp.Net DLL.

[Code]....

View 10 Replies

Configuration :: Can Run Website In A Workgroup

Jul 8, 2010

I can't run a website in a workgroup, it needs username and password.

View 2 Replies

Security :: How To Set Anonymous Access To IIS 7 From Web Config File

Aug 30, 2010

I have developed asp.net 2.0 website with crystal report now what my problem is whenever i go to crystal report page its by default going to login.aspx or default.aspx though i didt set any login to my asp.net page..

I talk with my hosting provider they said that the asp.net impersonate is enable..

I think in IIS 7 authentication if i set anonymous access enable, will it work fine?

so i need to know how to enable anonymous access from my webconfig ..

View 3 Replies

Security :: How To Protect Web.config File From External Access

Jun 18, 2010

How to protect our web.config file from external access.

I mean some sort of password protection.

View 3 Replies

Security :: Login With Username And Password In Access File

Apr 26, 2010

i am adding a login feature to a website with the user name and password stored in an access database table? can this be done through the WAT tool?

View 7 Replies

Security :: Deny Anonymous Access For Single .aspx File?

Nov 19, 2010

I have a folder called /Error in the root directory for an ASP.Net site. The site is completely public, so there is no authentication of users. Inside the Error folder, I have a file called errorlog.aspx, where I log unhandled exceptions. I don't want the public to be able to view this file. I created a web.config file inside the Error folder.

[Code]....

However, I'm still able to view errorlog.aspx by typing the URL into the browser. What am I missing?

View 3 Replies

Security :: .SWF File Access - Displays It As An Embedded Flash Animation

Jan 18, 2010

I have a question about security. If I put the ip address and full path for my swf file which is embedded within my asp.net application I can access it. I do want anyone to access that file. The file should only be viewed upon logging in to the asp.net webportal which displays it as an embedded flash animation.

View 1 Replies

Security :: How To Limit User To Access Database And Web.config File

May 6, 2010

I know I can use [assembly: FileIOPermission(SecurityAction.RequestRefuse, Unrestricted = true)] to limit user to access disk files, now I hope to limit user to access database and web.config file, how can I do?

View 2 Replies

Security :: Delete File Error -- VS Dev Environment. Cannot Access Directory

Jan 26, 2011

Running winXP and Visual Studio 2005. Using only the Development server at this stage:

Have added asp.net machine user in Windows for the directory in question

Have set up web config as

<identity
impersonate="true"/>
<authorization>
<allow
users="?"
/>
</authorization>

Problem: In test environment using VS development server, want to allow all users (will change to specific roles when implemented) to add and delete files from the directory App_Data. I can successfully upload files, but when I attempt to delete a file I get the error....

System.UnauthorizedAccessException: Access to the path 'C:Documents and Settings.......App_Data' is denied.

View 3 Replies

Security :: Access Denied Error When Trying To Write To A File From Web Service?

Mar 12, 2010

I am getting "Access Denied" error when I am trying to write a file on my hard drive (C:/.... xmls/test.xml) from a webservice which is also on my local machine.

The folder structure is like this

AdminApp (Web Folder on C drive)
- WebServices Folder
- TestService.asmx
-Xmls Folder
- Test.xml

I tried following settings in IIS in my efforts to resolve the issue:

- Set anonynmous access checked with my account name and password under "Account Used for anonymous access" alongwith integrated windows authentication checked. I am a admin on my machine.

- Disabled anonymous access with only integrated windows authentication checked. I have identity impersonate = true set in my web.config.

View 4 Replies

Access An Internal Site Through An External Site?

Aug 6, 2010

I'm pretty sure the answer to this question is no, but I just wanted to get some feedback before I go down another path.

Here is my scenario. I have two websites. Website 1 is an internal website that cannot be accessed outside of our domain. Website 2 is an external website that can be accessed outside of the domain, but has access to webservices inside of the domain.

My question is, is there any possible way to display the internal page through the external page without making the internal page external.

View 1 Replies

Security :: Access Denied Error With Response.writefile Of UNC File In IIS7. Bug?

Mar 5, 2010

I'm moving applications from IIS6 to IIS7.5 (win 7 an win server 2008 r2), when 2 applications (with identity impersonate) try to get a file with response.writefile only from a UNC path i'll get "access denied". In IIS6 and Visual Studio Developer Web Server, same code works. I can save file with FilePath.SaveAs and get name and length with FileInfo, but not download. After 2 days of nightmares I have tried to change

Response.WriteFile(filePath)

to

Response.BinaryWrite(File.ReadAllBytes(filePath))

and now work. My question is: can I have a microsoft developer to sacrificate for my avenge?)

View 2 Replies

Security :: Pass Authentication From Site A To Site B ( Windows Credential)?

Dec 21, 2010

I have 2 website A and B.

B site with windows authentication

I want to open B site as new window from A site, so its ask for windows credential. I have credential in A site. I am opening B site using Javascript.window.open.

how i can set credential for B site from A site.

View 2 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved