asp.net: authentication - asp.net

When I upload my asp.net web application to the server and access to the url link, it is asking for the authentication... if I dont, I got this error message:
ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via , the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.
To grant ASP.NET access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
What should I change in the web.config file in order to get this working as locally?
Thanks in advance

Did you make sure you converted the directory to an application in IIS?
Browse to directory in IIS directory tree
Right click and select "Convert to Application"
Select application pool, and convert

Related

Convert to application in IIS under service account

I want convert to application my Asp.Net app.
I created application Pool what use service account. And want "convert to application" under this application pool.
BUT if i check connection setting show me error "Invalid application path".
When I set my personal user account in to "connect as"
everything was alright.
Question : what must fulfill service account to right use? Or any suggestion whot I must change, try or verify?
You should be able to use the Setting "ApplicationPoolIdentity" for Identity in the Pool Advanced-Properties.
Usually your folder security settings must grant read, execute, browse folder and read for the local group IIS_IUSRS.
if you did both, the conversion to application should work.

Access to the port 'COM4' is denied

I am using arduino (some micro-controller), and I made an ASP.net page to communicate with it. I connected arduino to serial-port COM4. When I run the ASP.net website, I get the following error:
Exception Details: System.UnauthorizedAccessException: Access to the port 'COM4' is denied.
ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6 and IIS 7, and the configured application pool identity on IIS 7.5) that is used if the application is not impersonating. If the application is impersonating via , the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.
To grant ASP.NET access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.
now i know it may sound like the solution is right there: " to grant asp.net access to..." but i don't know what file they are talking about!
So please can anybody point out the solution ?
PS: I first did a windows form application and it worked. So there is nothing else using the COM4.
Thanks in advance.
Ignoring that it's strange that a web application should talk to a COM port on the server, the issue is as follows: by default an ASP.NET application in IIS runs under a low privilege user (as specified in the error message). That user is not allowed to access the port.
A console application runs under the user who launched it. I'm assuming that's you and you're an admin on the machine.
To get the ASP.NET doing the same open IIS (Start - Run - inetmgr), select 'Application Pools', choose the app pool under which your web application is running, click 'Advanced Settings', set the 'Identity' field to your user.
Restart the app pool and launch the web application.

Deny remote access to ASP.net resource

I have ASP.NET WebService as a part of ASP.NET application. However, some of its methods are not supposed to be invoked directly from browser, they are just accessed by winservice from within the same local network. Is there any way to protect web service from remote access by means of web.config files or IIS configuration with no firewall configuration involved?
Change ACLs on your "non accessable" resources so that IIS_USER has no rights. Create another website that binds to localhost:80. Create a new user account and set that as the login account for the new website. Grant that user read/execute to the files you're trying to obscure.

Error enumerating shared folder from ASP.NET web form

I'm trying to run a method on the loading of a page which will search through a network shared folder and do a particular operation on all .tif files found. Problem is I'm getting an error:
DirectoryInfo dir = new DirectoryInfo(directory);
FileInfo[] tifs = dir.GetFiles("*.tif", SearchOption.AllDirectories); //Throws error.
Exception Details:
System.UnauthorizedAccessException:
Access to the path
'\server\sharename\folder\subfolder'
is denied.
ASP.NET is not authorized to access
the requested resource. Consider
granting access rights to the resource
to the ASP.NET request identity.
ASP.NET has a base process identity
(typically {MACHINE}\ASPNET on IIS 5
or Network Service on IIS 6) that is
used if the application is not
impersonating. If the application is
impersonating via , the identity
will be the anonymous user (typically
IUSR_MACHINENAME) or the authenticated
request user.
To grant ASP.NET access to a file,
right-click the file in Explorer,
choose "Properties" and select the
Security tab. Click "Add" to add the
appropriate user or group. Highlight
the ASP.NET account, and check the
boxes for the desired access.
I've tried following these instructions, but I'm not able to add the specified account to the share's permissions. What am I doing wrong?
See Related Question: Trouble accessing network share from asp.net web form
You probably need to impersonate a user that does have access: see http://msdn.microsoft.com/en-us/library/xh507fc5%28v=VS.90%29.aspx

"Access is Denied" accessing a subpage in ASP.net (hosting with IIS)

I'm getting the current error when trying to go to any page other than the index:
Server Error in '/' Application.
Access is denied.
Description: An error occurred while accessing the resources required to serve this request. The server may not be configured for access to the requested URL.
Error message 401.2.: Unauthorized: Logon failed due to server configuration. Verify that you have permission to view this directory or page based on the credentials you supplied and the authentication methods enabled on the Web server. Contact the Web server's administrator for additional assistance.
Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1
There is no login system for my site. Only one small database.
Does anybody have any ideas?
Thanks if you can!
If you can hit the root page but not the others I'd be concerned about NTFS permissions. Check out the tip for the anon user as p.campbell is suggesting. I THINK you'll find that you're ok for anonymous at the IIS level, but you probably only granted appropriate file permissions to your "index" page and need to propagate those permissions to the rest of the files/directories in question.
Edit: Here's a link that goes through some basics for NTFS permissions. It boils down to your worker identity needing read access at least. By default, that identity is either ASPNET or NETWORK SERVICE, depending on OS. YOu can configure your application pool to be something else if you want though:
http://support.microsoft.com/kb/815153
Does your host and its control panel support the enabling/disabling of Anonymous access?
It sounds as if 'Anonymous' is disabled.
http://forums.iis.net/t/1152085.aspx

Resources