Re: Creating a file that can be seen in the browser
- From: "David Thielen" <thielen@xxxxxxxxxxxxx>
- Date: Fri, 23 Dec 2005 09:01:01 -0800
Yes on both. The images directory gives IUSR_JASMINE full read rights. The
created files do not even list IUSR_JASMINE in the security properties.
--
thanks - dave
"Steven Cheng[MSFT]" wrote:
> Hi Dave,
>
> Though the dynamic image file is created by the asp.net process account
> (not IUSER_machine account), however, we can set the parent folder's NTFS
> permissions to let everyone read that folder (need to check the permssion
> inheritance....). Also, have you go to the images folder and lookup the
> NTFS permission setting of those dynamic created files?
>
> Regards,
>
> Steven Cheng
> Microsoft Online Support
>
> Get Secure! www.microsoft.com/security
> (This posting is provided "AS IS", with no warranties, and confers no
> rights.)
>
>
>
> --------------------
> | Thread-Topic: Creating a file that can be seen in the browser
> | thread-index: AcYHE7PgY7pq8NyTSVOeelQTMB/Xnw==
> | X-WBNR-Posting-Host: 199.45.247.98
> | From: "=?Utf-8?B?RGF2aWQgVGhpZWxlbg==?=" <thielen@xxxxxxxxxxxxx>
> | References: <FF8E0EB4-A61A-4CAD-A76A-EA525E8E2A87@xxxxxxxxxxxxx>
> <eYtfnxaBGHA.1864@xxxxxxxxxxxxxxxxxxxx>
> <CBFEA6D6-57D8-4215-A3D9-4F85DFD9A56D@xxxxxxxxxxxxx>
> <Fnh7AShBGHA.2560@xxxxxxxxxxxxxxxxxxxxx>
> | Subject: Re: Creating a file that can be seen in the browser
> | Date: Thu, 22 Dec 2005 08:21:03 -0800
> | Lines: 142
> | Message-ID: <04FCF1C2-A403-402E-BD9C-7983EFD17FFD@xxxxxxxxxxxxx>
> | MIME-Version: 1.0
> | Content-Type: text/plain;
> | charset="Utf-8"
> | Content-Transfer-Encoding: 7bit
> | X-Newsreader: Microsoft CDO for Windows 2000
> | Content-Class: urn:content-classes:message
> | Importance: normal
> | Priority: normal
> | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
> | Newsgroups: microsoft.public.dotnet.framework.aspnet
> | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
> | Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl
> | Xref: TK2MSFTNGXA02.phx.gbl
> microsoft.public.dotnet.framework.aspnet:366591
> | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
> |
> | Hello;
> |
> | I looked in the properties but did not see anything about what
> permissions
> | to set for files created in my ASP app. What should I look for.
> |
> | The base problem is that when my ASP app creates a file, IUSR_JASMINE has
> no
> | rights to the file. IUSR_JASMINE does have rights to the images directory
> it
> | is placed in.
> |
> | What should I try next?
> |
> | --
> | thanks - dave
> |
> |
> | "Steven Cheng[MSFT]" wrote:
> |
> | > Hi Dave,
> | >
> | > I've just tried the link you provided, when I submit to generate a
> html/css
> | > report, the page will popup authenticate dialog to ask me
> | > username/password.... I think this should be the problem. Is that
> | > "images" sub folder being protected by certain authentication in
> IIS(Allow
> | > anonymous) or what's the IIS's virtual dirctory access permission
> setting
> | > (not NTFS permission setting), you can check this in the IIS manager's
> home
> | > directory tab( for that "images" sub virtualdir....)...
> | > Also, please check the IIS log to see the error entry about the
> accessing
> | > to the image file ( the error status code....)
> | >
> | > Thanks,
> | >
> | > Steven Cheng
> | > Microsoft Online Support
> | >
> | > Get Secure! www.microsoft.com/security
> | > (This posting is provided "AS IS", with no warranties, and confers no
> | > rights.)
> | > --------------------
> | > | Thread-Topic: Creating a file that can be seen in the browser
> | > | thread-index: AcYFrctS5I1SEXpLSguepNq8Il5g4A==
> | > | X-WBNR-Posting-Host: 199.45.247.98
> | > | From: "=?Utf-8?B?RGF2aWQgVGhpZWxlbg==?=" <thielen@xxxxxxxxxxxxx>
> | > | References: <FF8E0EB4-A61A-4CAD-A76A-EA525E8E2A87@xxxxxxxxxxxxx>
> | > <eYtfnxaBGHA.1864@xxxxxxxxxxxxxxxxxxxx>
> | > | Subject: Re: Creating a file that can be seen in the browser
> | > | Date: Tue, 20 Dec 2005 13:39:02 -0800
> | > | Lines: 60
> | > | Message-ID: <CBFEA6D6-57D8-4215-A3D9-4F85DFD9A56D@xxxxxxxxxxxxx>
> | > | MIME-Version: 1.0
> | > | Content-Type: text/plain;
> | > | charset="Utf-8"
> | > | Content-Transfer-Encoding: 7bit
> | > | X-Newsreader: Microsoft CDO for Windows 2000
> | > | Content-Class: urn:content-classes:message
> | > | Importance: normal
> | > | Priority: normal
> | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
> | > | Newsgroups: microsoft.public.dotnet.framework.aspnet
> | > | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
> | > | Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGXA03.phx.gbl
> | > | Xref: TK2MSFTNGXA02.phx.gbl
> | > microsoft.public.dotnet.framework.aspnet:366112
> | > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
> | > |
> | > | Hello;
> | > |
> | > | I earlier gave IIS_WPG write permissions and that was sufficient to
> | > create
> | > | the file (it's reading it that is the problem.
> | > |
> | > | I just tried as you suggested and also gave ASPNET write permission,
> but
> | > no
> | > | help. Still created with the same 4 permissions and the end user
> cannot
> | > view
> | > | the png file.
> | > |
> | > | --
> | > | thanks - dave
> | > |
> | > |
> | > | "Phillip N Rounds" wrote:
> | > |
> | > | > Give ASPNET write permission in the appropriate directory. This is
> the
> | > | > built-in account for ASP.NET, not IUSR_JASMINE as you had assumed.
> | > | >
> | > | >
> | > | > "David Thielen" <thielen@xxxxxxxxxxxxx> wrote in message
> | > | > news:FF8E0EB4-A61A-4CAD-A76A-EA525E8E2A87@xxxxxxxxxxxxxxxx
> | > | > > Hi;
> | > | > >
> | > | > > My ASP.NET app (C# calling J# under .net 2.0) creates a png file
> in a
> | > | > > subdirectory to display as part of the created page. However, the
> | > bitmap
> | > | > > will
> | > | > > not display due to a security violation.
> | > | > >
> | > | > > Everything is the default settings I believe. IIS is running
> under
> | > Local
> | > | > > System. In IIS the DefaultAppPool is running under Network
> Service.
> | > | > > Annonymous access uses the account IUSR_JASMINE (machine name is
> | > Jasmine).
> | > | > >
> | > | > > The application is an ASP.NET application. You can go to
> | > | > > http://www.windwardreports.com/RunReportASP/ReportForm.aspx,
> select
> | > the
> | > | > > html
> | > | > > output, and run it to see the problem.
> | > | > >
> | > | > > The images directory where the file is created has granted to
> | > IUSR_JASMINE
> | > | > > Read & Execute, List Folder Contents, and Read permissions. Under
> | > Advanced
> | > | > > it
> | > | > > has checked "Allow inheritable permissions..."
> | > | > >
> | > | > > I also had to give IIS_WPG write permissions in images to create
> the
> | > file.
> | > | > > The creation occurs fine. However the created files only have
> | > permissions
> | > | > > for
> | > | > > Administrators, Network Service, Power Users, and System.
> | > | > >
> | > | > > The file is created with and written to using new
> | > | > >
> | >
> FileOutputStream("c:\Intepub\wwwroot\windwardreports\images\wr_tempname.png"
> | > )
> | > | > >
> | > | > > Is this a J# issue, or an IIS issue, or an ASP.NET issue? (Or is
> it
> | > me?)
> | > | > > Somehow the created file is not getting the permissions of the
> | > directory
> | > | > > it
> | > | > > is being created in.
> | > | > >
> | > | > > ??? - thanks - dave
> | > | > >
> | > | >
> | > | >
> | > | >
> | > |
> | >
> | >
> |
>
>
.
- References:
- Re: Creating a file that can be seen in the browser
- From: Phillip N Rounds
- Re: Creating a file that can be seen in the browser
- From: Steven Cheng[MSFT]
- Re: Creating a file that can be seen in the browser
- From: David Thielen
- Re: Creating a file that can be seen in the browser
- From: Steven Cheng[MSFT]
- Re: Creating a file that can be seen in the browser
- Prev by Date: Re: vs2005 debugging on ws2k3 server
- Next by Date: Re: Comparing values between two arrays
- Previous by thread: Re: Creating a file that can be seen in the browser
- Next by thread: Re: Creating a file that can be seen in the browser
- Index(es):
Relevant Pages
|
