0

I need to create a folder to use for storing files within it, in a .Net MVC3 application, but I think the problem is common to all ASP.Net platform. Problem is I can create the folder, but cannot write the files, because System.UnauthorizedAccessException occurred. I also tryed givin extra permission to the user currently running the web app, but nothing changes. This is my code so far:

if (!System.IO.Directory.Exists(fullPath))
{
    System.IO.Directory.CreateDirectory(fullPath);                    
    var user = System.Security.Principal.WindowsIdentity.GetCurrent().User;
    var userName = user.Translate(typeof(System.Security.Principal.NTAccount));
    var dirInfo = new System.IO.DirectoryInfo(fullPath);
    var sec = dirInfo.GetAccessControl();                    
    sec.AddAccessRule(new System.Security.AccessControl.FileSystemAccessRule(userName,
                    System.Security.AccessControl.FileSystemRights.Modify,
                    System.Security.AccessControl.AccessControlType.Allow)
                    );
    dirInfo.SetAccessControl(sec);                    
    System.IO.Directory.CreateDirectory(fullPath);                    
}
string fullPathFileName = System.IO.Path.Combine(fullPath, fileName);                
System.IO.File.WriteAllBytes(fullPath, viaggio.Depliant.RawFile);

Too bad, last line of code always throw System.UnauthorizedAccessException. I'm not impersonating user in my app, everything run under a predefined user. What should I do to create a folder and assure that the application can also create files within it?

Edited:

I also tryed to save the files in the App_Data special folder, but I still got the System.UnauthorizedAccessException error. Somebody can tell me why is that happening?

Improve this question

2 Answers 2

Reset to default
1

I hate to answer my own question when the problem is that stupid... I'm just trying to save a file without a proper filename: you can see I'm using the fullPath variable both for creating the folder and for saving the file, instead of using the correctly created fullPathFileName. Blame on me!

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Use App_Data folder, quote from http://msdn.microsoft.com/en-us/library/06t2w7da%28v=vs.80%29.aspx :

To improve the security of the data used by your ASP.NET application, a new subfolder named App_Data has been added for ASP.NET applications. Files stored in the App_Data folder are not returned in response to direct HTTP requests, which makes the App_Data folder the recommended location for data stored with your application, including .mdf (SQL Server Express Edition), .mdb (Microsoft Access), or XML files. Note that when using the App_Data folder to store your application data, the identity of your application has read and write permissions to the App_Data folder.

Improve this answer

4 Comments

I can't use the App_Data folder: the files that need to be uploaded are a lot, and could be big, and my requirements is to decouple application deployment from data-folder
Moreover, I tryed saving files even in the App_Data folder (to solve temporarly and go on with the development), but it doesn't work either... same error occured
can you check on server does IIS_IUSRS group have read / write access to the App_Data folder ?
Pretty strange that I can create and delete folder, but not create files, isn't it? I don't have a server at the time as I'm developing... so I'm using the VisualStudio 2010 integrated web server. Isn't there a way to check this programmatically?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.