Virtual directories and Web Services

[steve]

Could anyone help with the following?

I have an web application that has a regular ASP.Net interface and a Web
service interface. Bot the the ASP.NET and Web Serivce do very little before
passing control into a common Class Library (C#).

Both methods work fine accessing a virtual directory on the local web
server, however if I redirect the virtual directory to a share on another
computer, requests (for example File.exist) orignating from the ASP.NET are
OK, but the web service requests are refused. Do web services run under a
different account or do I need to do something different ?

 

[Dan Rogers]

I hope I can help.

Code that is running in the CLR, such as ASP.NET web services uses policy
based .NET security. This is a new, value-add addition to the web
programming stack that any .NET based code will need to work with.

By default, requests coming in from an unauthorized user are not given any
permissions to access files, create directories or call system code. The
programmers of your web services, if they need to do this, have to add in
the appropriate code access security attributes and use strongly named
assemblies to get the CLR to "break out of the sandbox" - so to speak.

For a primer, search in MSDN on "code access security" and read about how
it works, how administrators get to choose the level of security on a
policy basis, and how developers declaratively add in requests for certain
explicit permissions in their code.

I hope this helps

Dan Rogers
Microsoft Corporation

--------------------