Frustrated setting up write permission to a folder

[gnewsgroup]

OK, I know this sounds stupid, but I have been playing with this for
hours, and could not get a clue.

In my asp.net 2.0 web application, I generate charts on the fly. I
would like to save the charts png images in a particular folder. So,
I created a folder ChartImages under the root of my web application.

Whenever I run the web application, I get a folder access is denied
error.

Well, if I choose to save the png images directly under the root of
the web application, though organizationally messy, I don't run into
problems at all.

I have added the ASPNET account to this ChartImages folder, and let it
have full control, but it still doesn't work. It makes no difference
whether or not I inherit the permission from the parent folder.

I see people making the same manipulation and it works. For example,
at

http://forums.asp.net/t/1185795.aspx , Mike offered the same solution:

<quote>
When you right click on a folder, you should have an option in the
context menu which says something like Security and Permission..., or
if you select Properties, you should see a Security tab. If you can't
see these, you will have to uncheck Use Simple File Sharing in Folder
Options.

Once you've done that, you should get the Security option. Within
that, Click Add, then Advanced, then Find Now. ASPNET should appear
somewhere in the list. Select it, click OK, then click OK again.
Select it in the Group or User names, then click Modify. Apply, and
that's it.
</quote>

How come I cannot make it work? Am I missing anything critical?
Thank you very much!

 

[sloan]

I don't see any issues from your description.


Is this DEV or Production??


In a DEV environment, you may have to grant permissions to this directory

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET
Files\MyWebSite\ChartImages\
(alter for your version of dotnet, and your app name of course)

-----------------
One thing I do...when encountering something like this....
is "make sure you know who YOU are".


private string FindIIdentity()
{

try
{
//'Dim user As WindowsPrincipal =
CType(System.Threading.Thread.CurrentPrincipal, WindowsPrincipal)
//'Dim ident As IIdentity = user.Identity

string returnValue = string.Empty;


WindowsIdentity ident = WindowsIdentity.GetCurrent();
returnValue = ident.Name;

try
{
returnValue += " on " + System.Environment.MachineName;
}
catch (Exception ex)
{

}

return returnValue;
}


catch (Exception ex)
{

return "Error Finding Identity";
}

}


That's some crappy code..but it might point to something you don't see.

...

Make sure when deploying...you don't accidently unzip (or whatever your
deploy strategy is)..overwrite the folder.
It could reset the permissions and screw you.

 

[Mark Rae [MVP]]

I have added the ASPNET account to this ChartImages folder,

Are you absolutely certain that your web app is running under the ASPNET
account...?

 

[gnewsgroup]

I don't see any issues from your description.

Is this DEV or Production??

In a DEV environment, you may have to grant permissions to this directory

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET
Files\MyWebSite\ChartImages\
(alter for your version of dotnet, and your app name of course)

-----------------
One thing I do...when encountering something like this....
is "make sure you know who YOU are".

private string FindIIdentity()
{

try
{
//'Dim user As WindowsPrincipal =
CType(System.Threading.Thread.CurrentPrincipal, WindowsPrincipal)
//'Dim ident As IIdentity = user.Identity

string returnValue = string.Empty;

WindowsIdentity ident = WindowsIdentity.GetCurrent();
returnValue = ident.Name;

try
{
returnValue += " on " + System.Environment.MachineName;
}
catch (Exception ex)
{

}

return returnValue;
}

catch (Exception ex)
{

return "Error Finding Identity";
}

}

That's some crappy code..but it might point to something you don't see.

..

Make sure when deploying...you don't accidently unzip (or whatever your
deploy strategy is)..overwrite the folder.
It could reset the permissions and screw you.

Thank you for the code. I didn't know how to programmatically find
out the machine account which runs the web application. I stole your
code and found it out. The answer is

my_machine_name\ASPNET on my_machine_name

This also answers Mark's question. So, it is indeed running under the
ASPNET account.

I do see some change while I keep playing with it.

The png images are saved successfully into that folder, but the
browser does not show me that image, but instead a red X.

Now, you may be wondering about the path to the png images. So, it's
helpful to clarify. I am using Dundas charting library. We specify
the URL to the chart images like so:

chart.ImageUrl = "~/ChartImages/ChartPic_#SEQ(300,3)";

And that's exactly what I did.

BTW, the Temporary ASP.NET Files folder does not have the folder
hierarchy I have in my development folder. It only has some folders
with arbitrary names like 2998aebf, de838ef. So, this Temporary
ASP.NET Files folder is probably irrelevant.

 

[gnewsgroup]

Thank you for the code. I didn't know how to programmatically find
out the machine account which runs the web application. I stole your
code and found it out. The answer is

my_machine_name\ASPNET on my_machine_name

This also answers Mark's question. So, it is indeed running under the
ASPNET account.

I do see some change while I keep playing with it.

The png images are saved successfully into that folder, but the
browser does not show me that image, but instead a red X.

Now, you may be wondering about the path to the png images. So, it's
helpful to clarify. I am using Dundas charting library. We specify
the URL to the chart images like so:

chart.ImageUrl = "~/ChartImages/ChartPic_#SEQ(300,3)";

And that's exactly what I did.

BTW, the Temporary ASP.NET Files folder does not have the folder
hierarchy I have in my development folder. It only has some folders
with arbitrary names like 2998aebf, de838ef. So, this Temporary
ASP.NET Files folder is probably irrelevant.

To sum up after I found out.

The ASPNET account needs to have modify permission (which includes
read and write, I think) to that folder.
And, the Internet Guest Account (i.e., the IUSR_MY_MACHINE_NAME) must
have read, read & execute permission.

Neither of these 2 accounts need to inherit the permission settings of
its parent.

This seems to be working fine now. Thanks again for hinting.

 

[sloan]

I wrap my img src setting, with these 2 helper methods:

public class DirectoryHelpers

{

public static string FindPhysicalRootDirectory(Page p)

{

string rootDir;

//rootDir = p.Server.MapPath("/");

rootDir = p.Server.MapPath("~/");

return rootDir;

}

public static string FindVirtualRootDirectory(Page p)

{

return "~/";

}



}


//end code

the second one seems trivial...but for some reason, it helps me.


But basically, if anything blows up.. I have one place to check/alter the
FindVirtualRootDirectory.....

 

[sloan]

PS

The reason I bought up the
Temporary ASP.NET Files
is that if youre using impersonation...you need to set setting manually on
those (in dev mode).

But you're not doing impersonation. ..so that's a non issue.

..
Yeah, I was incorrect about the structure in that
Temporary ASP.NET Files

BUT...again, if you use impersonation.. you'll have to set those
permissions.

...
And it may be a dev AND deployment(production) issue. My memory is flakey
on it a little, I just remember the issue from some years back.

 

[gnewsgroup]

I wrap my img src setting, with these 2 helper methods:

public class DirectoryHelpers

{

public static string FindPhysicalRootDirectory(Page p)

{

string rootDir;

//rootDir = p.Server.MapPath("/");

rootDir = p.Server.MapPath("~/");

return rootDir;

}

public static string FindVirtualRootDirectory(Page p)

{

return "~/";

}
}

//end code

the second one seems trivial...but for some reason, it helps me.

But basically, if anything blows up.. I have one place to check/alter the
FindVirtualRootDirectory.....

Thanks, but when would the application get lost about the root
directory?

 

[sloan]

I've run into some issues with

DEV but using IIS
DEV but using cassino (or the vs2005 version) (non IIS development)
PRODUCTION deploy (IIS of course)

Thus I went the encapsulation route.

Like I said, it looks dumb, but .... there's a reason I went to it ....

I should have commented better I guess.