Atlanta Custom Software Development 

  
   Search        Code/Page
 

User Login
Email

Password

 

Forgot the Password?
Services
» Web Development
» Maintenance
» Data Integration/BI
» Information Management
Programming
  Database
Automation
OS/Networking
Graphics
Links
Tools
» Regular Expr Tester
» Free Tools

Update the ACL of a file from an ASP.NET application

Total Hit ( 2618)

Rate this article:     Poor     Excellent 

 Submit Your Question/Comment about this article

Rating


 


It's not uncommon that ASP.NET applications have the need to use a personal .config file to write some runtime information. Since ASP.NET applications are not granted the permission to create or edit files on the server, the best place to store persistent data is a table in a database server (not an Access database). However, let's assume that you just want to write to a file. How can you work around the lack of write permissions? The .NET documentation suggests that you change the named security information for the file. On an NTFS formatted disk, this can be easily done manually by displaying the Properties dialog of the file and selecting the Security tab. Next, you ensure that the ASPNET user is authorized to operate on the file with write permissions. So far so good.

What happens when you deploy the application? In most cases, the administrator will be more than happy (so to speak...) to take care of it. However, should you have the need to accomplish that task programmatically, be ready to face a bad and a good news. The bad news is that you must necessarily resort to Win32 API calls and in particular to the SetNamedSecurityInfo API function from advapi32.dll. Neither version 1.0 of the Framework, nor Everett (v. 1.1) will provide a redesigned managed API for system security. In the end, either you write a managed wrapper for the API (sample code is available at http://www.gotdotnet.com/team/csharp/code/default.aspx) or resort an extremely handy tool that ships with the operating system: cacls.exe. The following command line shows how to configure data.config so that ASP.NET applications can write to it.

Click here to copy the following block
cacls.exe data.config /E /G: ASPNET:F

The /E switch indicates that you want to edit the security descriptor, not replace it. The /G switch indicates that you want to add a new user to the group with the specified privileges. If the specified user exists in the group, the existing account is modified. The F argument means that you want to give the ASPNET user full control over the file. This is exactly what ASP.NET applications need for a smooth setup. The best way to integrate this code with the setup is by defining a custom action on the Visual Studio .NET setup project and use that command line for it.



Submitted By : Nayan Patel  (Member Since : 5/26/2004 12:23:06 PM)

Job Description : He is the moderator of this site and currently working as an independent consultant. He works with VB.net/ASP.net, SQL Server and other MS technologies. He is MCSD.net, MCDBA and MCSE. In his free time he likes to watch funny movies and doing oil painting.
View all (893) submissions by this author  (Birth Date : 7/14/1981 )

Home   |  Comment   |  Contact Us   |  Privacy Policy   |  Terms & Conditions   |  BlogsZappySys

© 2008 BinaryWorld LLC. All rights reserved.