Differences between asp and win app for FileExists?

[VBAHole22]

I had a win app that would read unc file paths from an Oracle table and run and do a FileExists on each path to determine if the file was still around or if it had been zapped by someone.
Now I want to port this app over to an asp.net website. Trouble is the FileExists call returns False for everything! I can test this by running the win app side by side and it finds the file and the asp.net app doesn't.

Is there something I'm missing about the general distinction betweeen asp.net apps and win apps. I prefer win apps because I think they are easier to program,debug and secure. But everyone wants web this, web that. Can a web app do the kinds of heavy duty 'API' plumbing that a windows app can?

 

[bri189a]

I had a win app that would read unc file paths from an Oracle table and run and do a FileExists on each path to determine if the file was still around or if it had been zapped by someone.
Now I want to port this app over to an asp.net website. Trouble is the FileExists call returns False for everything! I can test this by running the win app side by side and it finds the file and the asp.net app doesn't.

Is there something I'm missing about the general distinction betweeen asp.net apps and win apps. I prefer win apps because I think they are easier to program,debug and secure. But everyone wants web this, web that. Can a web app do the kinds of heavy duty 'API' plumbing that a windows app can?

Make sure you looking for the file correctly. If you are looking for like so:

C:\SomeFolder\SomeFolder\SomeFile.file

You may be returning false because ASP or IIS doesn't have permission to one of the root folders...especially if your looking out side the virtual folder that the web runs in.

I imagine this file is part of the web so you should looking for it using Server.ApplicationPath + "/folder/file.txt".

 

[VBAHole22]

The path format is something like

\\someserver\somefolder\somefile

So you think it's a permission issue?

Another reason I like win apps better.

So the asp.net process doesn't run under my login name? It must run under an asp.net user account. So I would need to grant that account permissions to these folders? Or would I grant the asp.net account the same permissions as myself?

 

[bri189a]

The path format is something like
\\someserver\somefolder\somefile

If the folder is on another computer which is what you are implying above ASPNET won't get access because it's on a totally seperate machine. If you mean:

http:\\localhost\WebApp\SomeFolder\SomeFile

Then assuming the current project is WebApp:

if(File.Exists(Server.ApplicationPath + "/SomeFolder/SomeFile))
{
//code for if it exists....
}

I may be mistaken on ApplicationPath...not able to open Visual Studio at the moment, but I'm pretty sure that's it.

So you think it's a permission issue?

Possibly

Another reason I like win apps better.

Give it time it will grow on you, I despised it at first too; I love it now and it's been the source of a lot of extra income.

So the asp.net process doesn't run under my login name? It must run under an asp.net user account. So I would need to grant that account permissions to these folders? Or would I grant the asp.net account the same permissions as myself?

No it doesn't run under your user name, that would be a huge security risk if it did - anybody who went to your web site would have your permissions. It runs under the ASPNET account, rarely you may need to mess with the Internt Guest Account...but this isn't one of them, that account is for starting applications out of process. You need to grant ASPNET permissions to the folder for whatever you want it to do.

 

[VBAHole22]

Ineteresting. So you think there is no way I can run FileExists on a file that is on a different machine?

That means that I can't make this app into an asp.net app.

That kinda stinks. I was going to roll this functionality in with about 7 other tools into a web app but if I can't do this one then I have to roll the others into a win app.

Kinda dissapointing.

 

[Arch4ngel]

Well... if you have access to the other computer... you migth give access to your ASPNET account of your computer...

Will it work ?

By the way... I hated ASP application at first because I was REALLY DUMB and was not able to make them work like I wanted to. I was better in Win App because I had a lot of experience. Then there was a COOP at a big telecommunication company... they wanted ABSOLUTLY ASP.NET web site that are really functionnal... at first it was : "Ohhh man... not that"... but after a week or two... I improved myself a lot and now I pray for ASP every night (ASP 2-3 and the new born ASP.NET - god protect them).

 

[VBAHole22]

Well, based on some further research I may have found a solution that I am going to test this afternoon. It's a setting in IIS that permits directory browsing authentication. Details to follow.

 

[VBAHole22]

These files are on at least 10 other computers across the state. So setting permissions would be really troublesome.

I really need to get smarter about the permissions issues.

I can't run any Oracle without the impersonation line, yet the impersonation line has no password in it! Just user=administrator password=""

Even if I grant permissions to ASPNET user on the Oracle directory I can still not use Oracle. I get this oci.dll error everytime. It frustrates one.

 

[bri189a]

These files are on at least 10 other computers across the state. So setting permissions would be really troublesome.

I really need to get smarter about the permissions issues.

I can't run any Oracle without the impersonation line, yet the impersonation line has no password in it! Just user=administrator password=""

Even if I grant permissions to ASPNET user on the Oracle directory I can still not use Oracle. I get this oci.dll error everytime. It frustrates one.

Here's an idea. Create an application (windows) that goes and copies those files to the computer that the asp runs on. asp can invoke that program (and send parameters of what you need) by making sure that the program has Internet Guest Account allowed permissions. After the program copies the files to the local computer, get them. Simple enough. Don't over think it, sometimes the solution that isn't the prettiest or most elegant is the one that works best.

 

[VBAHole22]

Um, that is definitely not an option.
This app synchronizes an oracle table with filepaths by checking FileExists on over 200,000 files. It will be run weekly and it already takes over an hour to complete.

Besides, why hack it when there must be a perfectly logical way of getting it done properly.

I just need to get my ducks in a row with these permissions.

 

[VBAHole22]

Well I managed to leap one hurdle - I got around the nagging oci.dll error. Based on a post that someone from this forum linked to

http://www.asp.net/Forums/ShowPost.aspx?tabindex=1&PostID=75953

Turns out there was some kind of bug in the permissions for the Authenicated Users account and Oracle 9i. All I had to do was uncheck a box and then check it again. It's the little things sometimes!

So now I can at least use Oracle in an ASP.NET page without the impersonation line. That's a step in the right direction.

 

[bri189a]

Um, that is definitely not an option.
This app synchronizes an oracle table with filepaths by checking FileExists on over 200,000 files. It will be run weekly and it already takes over an hour to complete.

Besides, why hack it when there must be a perfectly logical way of getting it done properly.

I just need to get my ducks in a row with these permissions.

It was just an idea... let us all know how you finally get around the getting files off of remote problems issue... it would probably come in useful to some other people.

 

[VBAHole22]

Can't figure out what the issue is but I have sured tried a lot of stuff out:

I can use FileExists against local files with and without impersonation and it works fine.
It will not work for network paths.

I have tried denying anonymous access in IIS. No dice.

I am using Integrated Windows Authentication. no dice.

The only thing I have not tried is using impersonation and actually putting in a password. That's the part I don't get. If I say admin with no pass it runs under admin and I can tell using

 Dim username As String = System.Security.Principal.WindowsIdentity.GetCurrent().Name

But I haven't supplied a password. I guess it knows that I am an admin. If I do supply a password (i tried this yesterday) it won't even run the app and I get an error during the build telling me something is wrong in my web.config.

And yesterday when I finally decided to reboot and see if that would clear the air, I found out that IT had suspended my account! They said I had tried to log in too many times with an incorrect password. But I didn't do that. Do you think asp.net could have caused that?

 

[bri189a]

And yesterday when I finally decided to reboot and see if that would clear the air, I found out that IT had suspended my account! They said I had tried to log in too many times with an incorrect password. But I didn't do that. Do you think asp.net could have caused that?

As a network administrator I can say most definitely yes if your having it run under yourself but not supplying a password.

I'd keeping trying letting ASPNET run as itself; you might be opening security breaches otherwise. You should just go ahead and put one file on a remote computer for testing and developing purposes and then incorporate the real thing after you get this working. Start off with allowing Everyone access to it and see where you get. Speaking as a Network Administrator, YOUR_MACHINE_NAME_HERE/ASPNET account should be able to access it. See what you get, logically, and permission theory dicatates that you should be able to.

 

[VBAHole22]

It was when I started putting in a password that i got in trouble, I believe. I can run as the administrators account without a password.

The most recent step I took was to add the ASPNET account to the Administrators Group. Still no luck.

 

[VBAHole22]

Finally Got It!!!!!!!!!!!!!

I figured it out, finally!!!

<identity impersonate="true" userName="administrator" password="" />

was what I was using. I should have been using

<identity impersonate="true"/>

The first listing gets it up and running under the admin account, but I think it's and unauthorized version of that account because there is no pass supplied. If I leave that part out then it runs under my windoze username and the unc fileExists works!!

Thank you bri189a. You were good help.

So in summary for others who may fall in this trap:
1. If you get oci.dll errors follow the path in the previous post and do that little trick
2. If you want to access files on unc paths go into IIS for your app and turn off anonymous access and turn on win integrated. In your webconfig specifcy impersonate = true and you should be good to go.

Thanks again.

 

[bri189a]

I set up a little test project myself and put a file on a remote machine and got the same results as you. As long as the file is local there doesn't seem to be a problem, it's when it's over the network. I even mapped a drive to see if it would make a differance but it didn't. I know you didn't like my idea before about an external program; but what about an external program that just returns 1 if the file exists and have it check for you. I'm sure there is a better way too; but I can't find one. Let me know if you find something.

 

[VBAHole22]

Did it work after you altered the impersonate attribute?
Try putting a text box on the form and using the code to check the user the process is running as.