Apache Mina Sshd Server Display and Change Root Directory - sshd

I am struggling with multiple Roots in Apache Mina. Using this constructor (it's marked private in the comment but is still public)
NativeFileSystemView(String userName, Map<String, String> roots, String current, char separator, boolean caseInsensitive)
allows to pass different "virtual name" and "physical directory" mappings. This works for the current directory (parameter "current") but unfortunately I do not find a way to "switch" between different roots nor is the "virtual name" displayed as "directory". Any hint how to use the root map correctly is appreciated.

Related

Access Denied for the signed URL .NET CloudFront

I'm trying to set up a cloudfront for my s3 bucket that will only allow users to read or write with the signed URLs.(read the file, upload, and download)
The S3 doesn't have public read/write permissions.
CloudFront is:
Http and HTTPS.
It has Trusted Signer as self.
It has Restricted View access.
It has a origin domain name as origin-domain-name/public.
Lastly, it has a origin access identity as origin-access-identity/cloudfront/XXXXXXX.
I have my cloudfront pem file and aws private key id.
My c# code to generate signed url is:
StreamReader sr = new StreamReader("../../keys/CloudFront-PrivateKey.pem");
var url = AmazonCloudFrontUrlSigner.GetCannedSignedURL(
AmazonCloudFrontUrlSigner.Protocol.http,
"http://xxxxxxxxxx.cloudfront.net",
sr,
"public/AddinJudgeIssue.png",
"<AWS Private Key ID>",
DateTime.Now.AddDays(2));
Each time when I execute the code, it generates the URL. However, when I copy and paste it to URL, it says "access denied".
First of all, does anyone have any idea about why this happening?
Secondly, this works somehow, can I use this same technique to upload assets to the bucket?
Thank you and apologize for my ignorance. I digged the aws whitepapers, but failed to find a straightforward guidance.
A look at the documentation suggests two problems:
"http://xxxxxxxxxx.cloudfront.net" should not include http:// because the field is distributionDomain and expects the domain name, not the base URL.
"public/AddinJudgeIssue.png" should have a leading / because this field is resourcePath. Paths begin with a / even though object keys don't.
After doing some experiment, I got it working. Although I used root credentials and pem keys to generate the signed URL, I still had to give public read/write access to my S3 bucket. That was the reason why I was getting access denied error. On Cloudfront setup, "restrict bucket access" option gives restriction to my bucket anyway.

File.copy over lan with credentials

I have to copy a file to a pc in a lan network. Let's say I have to copy a file from 192.168.1.2 to 192.168.1.3. I have to copy in a folder named 'folder'.
So I have a folder with a path 192.168.1.3/folder. This folder has credentials username and password.
I saw already ways to do this like the following:
using (new Impersonator("username", "domain", "pass"))
{
File.Copy(#"192.168.1.2\file.txt", #"192.168.1.3\folder\file.txt");
}
what is the domain in this case?
Domain is (usually) the name of the Active Directory domain. You can open the Control Panel, make sure you're in icon view, click on System, then view the domain in "Computer name, domain, and workgroup settings". If it ends in .local, .net or .com or something similar you may be able to leave the part off.
By the way, usually when using UNC network paths like that, you'll lead with a double slash before the computer name. Ex:
using (new Impersonator("username", "domain", "pass"))
{
File.Copy(#"\\192.168.1.2\file.txt", #"\\192.168.1.3\folder\file.txt");
}

how can i check url "\\abc\wof\TY044-12" exist

i 've tried using
string path= "\\abc\wof\TY044-12";
bool exist=System.IO.Directory.Exists(path);
but 'bool' return true on localhost but return false on server side.
Also, i've searched some answers, but it is difficult reconfigure permission of IIS.
can i use FileWebrequest/httpWebRequest command? not understand about this
FileWebRequest request = (FileWebRequest)System.Net.WebRequest.Create("\\abc\wof\TY044-12");
FileWebResponse response = (FileWebResponse)request.GetResponse();
Ihope someone can help me. THANKS!!!
That looks more like a UNC.
To me it seems the appool account on iis which is hosting your application doesn't have permissions to access that UNC folder. Please refer link below to set it:
http://technet.microsoft.com/en-us/library/cc771170(v=ws.10).aspx
The link below says you can access files over the network using pre-registered reserved types like http, https, file, etc.
http://msdn.microsoft.com/en-us/library/bw00b1dc(v=vs.110).aspx
...And if you pass unc paths to the Uri class during construction, you can get the required uri scheme:
var uri = new Uri(#"\\abc\folder\file.jpg");
Console.WriteLine(uri.ToString()); //outputs - file://abc/folder/file.jpg
However the recommended approach is using classes in the System.IO namespace like you originally started out with.

Check whether a folder is a local or a network resource in .NET

Is there a quick way to check whether a path I have is on a local disk or somewhere on the network? I can't just check to see if it's a drive letter vs. UNC, because that would incorrectly identify mapped drives as local. I assumed it would be a boolean in the DirectoryInfo object, but it appears that it's not.
I've found classic VB code to do this check (through an API), but nothing for .NET so far.
System.IO.DirectoryInfo di;
if (System.IO.Path.IsPathRooted(di.FullName))
{
System.IO.DriveInfo drive = new System.IO.DriveInfo(System.IO.Path.GetPathRoot(di.FullName));
if (drive.DriveType == System.IO.DriveType.Network)
{
// do something
}
}
else // shouldn't be reached
{
// relative path => local
}
You could start with the UNC-check. Then, if it is not a UNC path, create a DriveInfo object for the drive and check the DriveType.
From the drive letter in the path, get a DriveInfo instance. This has a DriveType property, which can be: CDRom, Fixed, Unknown, Network, NoRootDirectory, Ram, Removable, or Unknown

ASP.NET: System.UnauthorizedAccessException - Access to Path Denied

I have an ASP.NET web application which does the following:
Reads an Excel file.
The excel file will have an image URL located in it that points to somewhere on the internet.
The program reads each image URL and store it into a temporary folder in the web server.
The application then resizes (changes the width and height) of the image.
Finally, the application will save that image to another folder.
I am getting the following exception:
System.Net.WebException: An exception
occurred during a WebClient request.
---> System.UnauthorizedAccessException:
Access to the path
'\abcserver\target03\3111\35644\www.testing.com\web\content\images\TempStorage\tempImage.jpg'
is denied. at
System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at
System.IO.FileStream.Init(String path,
FileMode mode, FileAccess access,
Int32 rights, Boolean useRights,
FileShare share, Int32 bufferSize,
FileOptions options,
SECURITY_ATTRIBUTES secAttrs, String
msgPath, Boolean bFromProxy) at
System.IO.FileStream..ctor(String
path, FileMode mode, FileAccess
access) at
System.Net.WebClient.DownloadFile(Uri
address, String fileName) --- End
of inner exception stack trace ---
at ProcessImage.GetFileFromUrl(String
imageFileUrl, String newFileName)
at
uploadexceldata.UploadExcelData(String
fileName)
foreach (DataRow dr in dt.Rows) // Reading each excel row
{
if (dr[0].ToString() != "")
{
id= "";
path = "";
manuId = "";
id= dr[0].ToString();
path = dr[1].ToString();
fileNameOnly = iProImg.GetFileNameOnly(path);
objDb.openConnection();
strSqlGroupInfo = "select ManufacturerID from manufacturers where id='" + id+ "'";
dTblManu = objDb.BuildDT(strSqlGroupInfo); // To Fill data to Datatable
objDb.closeConnection();
if (dTblManu.Rows.Count > 0)
{
manuId = dTblManu.Rows[0][0].ToString();
}
if (manuId != "")
{
tempUploadPath = "images/TempStorage/";
tempUploadPath = Server.MapPath(tempUploadPath);
if (!Directory.Exists(tempUploadPath))
{
Directory.CreateDirectory(tempUploadPath);
}
tempFilePath = tempUploadPath + "\\tempImage.jpg";
tempFilePath = tempFilePath.Replace("/", "\\");
previewPath = Server.MapPath("images/previews/" + manuId);
thumbNailPath = Server.MapPath("images/thumbnails/" + manuId);
if (!Directory.Exists(previewPath))
{
Directory.CreateDirectory(previewPath);
}
if (!Directory.Exists(thumbNailPath))
{
Directory.CreateDirectory(thumbNailPath);
}
fileNameOnly = "\\preview" + id+ ".jpg";
fileNameOnly = fileNameOnly.Replace("/", "\\");
previewPath = previewPath + fileNameOnly;
tempPartialPathP = "images\\previews\\" + manuId + fileNameOnly;
fileNameOnly = "\\thumbnail" + id+ ".jpg";
thumbNailPath = thumbNailPath + fileNameOnly;
tempPartialPathT = "images\\thumbnails\\" + manuId + fileNameOnly;
try
{
iProImg.GetFileFromUrl(path, tempFilePath);
rowCounter++;
iProImg.ReSizeImage(tempFilePath, previewPath, previewSize);
iProImg.ReSizeImage(previewPath, thumbNailPath, thumbNailSize);
}
catch (Exception ec)
{
errorRowCount++;
iLog.LogErrorToFile("uploadExcel", ec.ToString(), "path : " + path + ",tempFilePath :" + tempFilePath);
}
finally
{
if(File.Exists(tempFilePath))
{
File.Delete(tempFilePath);
}
}
} // If manuid!=""
} //if (dr[0].ToString() != "")
Does anyone have any suggestions on how to fix this exception?
Try setting the access permissions to "Full control" for the .Net user from where you are reading/saving the files.
No answers in the world solved this for me until I stumbled on the answer for myself:
UN-ENCRYPT THE FILE
You can grant full permissions to everyone on your entire hard drive, it still won't allow ASP.NET decrypt files.
If you are certain the file isn't encrypted, then you just need to add the ASPNET account to the file or folder you want to access. But make sure its not encrypted first!
In reply to what was said : "This is a remote server and the folder has full read/write permission granted.Still not working "
Make sure the .Net user / machine account user has full permissions for that Folder.
Also, add < identity /> to your config file
Make sure the ASP.NET account has read/write permission on the folder you're writing to (basic windows security).
How to:
http://www.microsoft.com/windowsxp/using/networking/security/permissions.mspx
(first 4 steps, check the boxes and click OK)
[EDIT]
You need to authenticate yourself with an account known on the remote server. You probably gave rights to the local ASP.NET account on the remote server, which won't work because that's not the user you access the folder with (from the webserver).
[/EDIT]
All of the above, plus you may need to add this tag:
<identity impersonate="true" userName="accountname" password="password" />
Read this KB article and if you are going from browser to iis to a file share, that counts as two hops and now you need to configure Kerberos Delegation. System administrators much smarter than me have tried to configure kerberos delegation and failed. Move your images or you IIS instance so that they are on the same machine.
First, narrow down your problem by temporarily granting Everyone full permission on that particular path. If it works, then you know for a fact it's a simple permission issue and you just need to figure out which acct needs proper permission. Probably the Anonymous User account (double check this setting in IIS Admin) and not the ASP.NET account. (don't forget to pull permission for Everyone)
If you need to, I believe you can use FileMon to see which account is attempting to access a particular file. Could be wrong, I haven't used this tool in a while.
One last thing... is the read-only flag set on the file? :)
I had the exact same problem today. After spending hours trying to track down what was causing the issue I found out that the permissions for the folder that was being written to were incorrect. Essentially, the folder was readonly from the perspective of the user being used to create the file.
Try doing the following for the folder in question:
Right Click on the folder and select properties
Click on the Sharing tab and then click on the Permissions button
Make sure to add whatever user is going to writing to the folder permissions to do so
Back at the properties page, click the Security tab
Make sure to add whatever user is going to write to the folder permissions to do so
Seeing as this question was asked 6 months ago, I'm assuming that you've already solved the issue...but I just thought I'd document my solution just in case it becomes useful to someone else in the future as they try to figure out how to solve this UnauthorizedAccessException.
Check that the image file (jpg) you're writing to the tempStorage has the proper permissions for the webuser account(aspnet or iis_wpg). You can set the TempStorage directory to replace permisson entries on all child objects.
Right Click TempStorage folder and select properties
Select the security tab (ensure the proper read/write/modify permissons are here)
Click the Advanced button
Check the second checkbox - Replace permissions entries on all child objects with entries shown here that apply to child objects.
Now all files that you add to the TempStoreage folder will inherit the permissions allowing you webuser account to read the jpg file.
Instead of granting permissions to ASPNET user, grant permissions to NETWORK SERVICE user. Modify permissions within the folder should be enough, no need to give full permissions (no reason to give more permissions than needed)
for more details read forum : http://forums.asp.net/t/1013434.aspx/1
the error is pretty obvious there Access to the path 'bin\myprojname.pdb\' is denied. the user the web console process is running under (not the user you created in the webconsole, the actual windows user), most likely "Network Service" doesnt have permissions to that folder.
You can either - Right click on that folder, goto permissions and add the "Network Service" user - Right click on that folder, goto permissions and add the "Everyone" user
that should fix that problem.

Resources