I can delete files OUTSIDE my authenticated app, but not inside it.

[darrel]

I'm trying to figure out why I can't delete a file from within my
application.

Part of my application is protected via forms authentication. If I try to
call a delete file function from within that, I get prompted for a
username/password by the browser/server and eventually just get a permission
denied error.

If I use the function outside the protected folder, it can delete the same
exact file just fine.

Is this an impersonation issue?

-Darrel

 

[darrel]

Is this an impersonation issue?

So, from my understanding, by default, asp.net applications SHOULD be
running as the ASPNET user on the server and that unless I specifically
enable impersonation, that shouldn't change.

I'm not sure what to check next. If I log into my application, I have
permission to SAVE files, but not DELETE. Outside the authenticated area of
my site, I have permission to DELETE just fine. It sounds like the
authenticated part of my application is running as a different user somehow?

Here's my config info:

<authentication mode="Forms">
<forms name="userLoggedIn" path="/" loginUrl="/ysAdmin/login.aspx"
protection="All" timeout="60"></forms>
</authentication>

<authorization>
<allow users="*" />
</authorization>

<sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
cookieless="false"
timeout="20"
/>

</system.web>

<location path="ysAdmin">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>

-Darrel