Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

Last post 01-16-2007, 5:56 PM by bbrace. 11 replies.
Sort Posts: Previous Next
  •  08-14-2006, 10:29 AM 21794

    Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    I am recieving a Security Exception which is being thrown under .NET 2.0 Medium Trust While Uploading Files/Media. To recreate the problem:
     
    1) Highlght text in CE
    2) Click on PDF icon
    3) Browse to a file
    4) Click Upload
    5) Page will refresh with Security exception. Sorry, can't copy and paste error message.
     
     
    Notes
    - Using latest Build 5.3 with .net 2 DLLs
    - Upload directories have all write permissions set correctly
     
    Any Help appreciated.
     
    Jamie
  •  08-14-2006, 12:46 PM 21795 in reply to 21794

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    Jamie,
     
    I don't have any clue now. Cute Editor should work ok under .NET 2.0 Medium Trust environment.
     
    Is your site online so you can provide a testing URL?
     
    Or can you post a screenshot?
     
     

    asp.net Chat http://cutesoft.net/ASP.NET+Chat/default.aspx
    Web Messenger: http://cutesoft.net/Web-Messenger/default.aspx
    asp.net wysiwyg editor: http://cutesoft.net/ASP.NET+WYSIWYG+Editor/default.aspx
    asp wysiwyg html editor: http://cutesoft.net/ASP
    asp.net Image Gallery: http://cutesoft.net/ASP.NET+Image+Gallery/default.aspx
    Live Support: http://cutesoft.net/live-support/default.aspx

  •  08-14-2006, 1:31 PM 21797 in reply to 21794

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

  •  08-15-2006, 12:30 PM 21822 in reply to 21797

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    THanks - read the thread, although I did not see a direct solution. THe ISP uses UNC and medium trust. The partially truysted callers errors disappeared with 2.0 dlls, however now I'm seeing this error...
  •  08-15-2006, 12:39 PM 21823 in reply to 21822

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    In addition, here is a test link for your review...
     
     
    Thanks,
     
    Jamie
  •  08-16-2006, 12:02 PM 21885 in reply to 21823

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    Guys does anyone have any insight into this one? Any feedback appreciated...
     
    Cheers,
     
    Jamie
  •  08-16-2006, 12:33 PM 21890 in reply to 21822

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    jattwood:
    THanks - read the thread, although I did not see a direct solution. THe ISP uses UNC and medium trust. The partially truysted callers errors disappeared with 2.0 dlls, however now I'm seeing this error...
     
    Please check the following thread:
     
    Writing to a UNC path with the uploading tools
     
     
    Keep me posted
     
     

    asp.net Chat http://cutesoft.net/ASP.NET+Chat/default.aspx
    Web Messenger: http://cutesoft.net/Web-Messenger/default.aspx
    asp.net wysiwyg editor: http://cutesoft.net/ASP.NET+WYSIWYG+Editor/default.aspx
    asp wysiwyg html editor: http://cutesoft.net/ASP
    asp.net Image Gallery: http://cutesoft.net/ASP.NET+Image+Gallery/default.aspx
    Live Support: http://cutesoft.net/live-support/default.aspx

  •  08-17-2006, 10:17 AM 21932 in reply to 21890

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    Thanks Adam, I'm really at a loss here. I have tried by adding the following to system web in the web.config:

    <
    identity impersonate="true"/>
     
    Since this is on an ISP, I have no control over domain user names, passwords, etc. When I tried to add domain information, with the admin username and password provided with the account, the entire site bombs with a web.config error / bad user name password.
     
    I'm trying to write to a publicly accessible directory.
     
    Not sure why I have to go to all this effort to upload a file. Is there not anyway to hard code this path anywhere in the CE configuration?
     
    The physical path in this case is: \\NAS1\Home\W\WJM697\www\documents
     
    The client is getting pissed, so I would really appreciate any specific feedback as soon as you can.
     
    Cheers,
     
    Jamie
     
     
     
  •  08-17-2006, 11:56 AM 21936 in reply to 21932

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    Jamie,
     
    What we are dealing with is not a CuteEdtior issue.
     
    It's about Upload Files Using ASP.NET Impersonation and UNC Share.
     
    Your situation:
     
    The Image Gallery Path is a virtual folder located in a remote machine other than the local web server. The uploaded files needs to be stored in this remote location and mapped to the web server using a virtual folder pointing to a UNC share.
    The problem happens when we try to upload a file using this virtual folder pointing to UNC share. Local ASPNET account does not have access to the network resources by default.
     
    Solution:
     
    So we have to impersonate to access this remote resource. If you have a domain account, please check the above article. If not, please follow the steps below:
     
    1. Create a local user account in local web server. UserName: myUNC_user, password: whatever.
     
    2. Create a local user account in remove web server. UserName: myUNC_user, password: whatever. Please note that this account has the same username and password as the local account.
     
    3. Give full control permission for impersonated user on .....Microsoft.NET\Framework\v2.0.50727.42\Temporary folder.
     
    Please try the above solution and create a simple upload file to test it.
     
    Keep me posted
     
     
     
     
     

    asp.net Chat http://cutesoft.net/ASP.NET+Chat/default.aspx
    Web Messenger: http://cutesoft.net/Web-Messenger/default.aspx
    asp.net wysiwyg editor: http://cutesoft.net/ASP.NET+WYSIWYG+Editor/default.aspx
    asp wysiwyg html editor: http://cutesoft.net/ASP
    asp.net Image Gallery: http://cutesoft.net/ASP.NET+Image+Gallery/default.aspx
    Live Support: http://cutesoft.net/live-support/default.aspx

    Filed under:
  •  08-17-2006, 12:46 PM 21938 in reply to 21936

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    Thanks Adam, forgive my ignorance here, but I guess what I am not understanding here is that I can very easily upload a file to a unc share (on the same ) using the following:
     
    myfile.SaveAs(Server.MapPath("~/Core/images/staff/") + myfile.FileName);
     
    but the same file path specified in CE config cannot achieve the same:
     
     <security name="FilesGalleryPath">~/documents</security>
     
    I guess CE upload does not use Server.MapPath() for some reason?
     
    So I guess you can see my point that it is a CE issue? I'm not trying to be difficult here, it's just that it seems like a lot of work just to make the file upload work remotely in a situation where and ISP uses UNC.
     
    Thanks,
     
    Jamie
     
     
  •  08-17-2006, 2:22 PM 21948 in reply to 21938

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    Jamie,
     
    >>it's just that it seems like a lot of work just to make the file upload work remotely in a situation where and ISP uses UNC.
     
    It needs some configurations. Because the local ASPNET account or NETWork Service account don't have permission to access the remove server by default.
     
    >><security name="FilesGalleryPath">~/documents</security>
     
    The application based file path is supported by CuteEditor as well.

    How to specify the Image gallery path?

    You can easily specify the image gallery path using the following methods:

    1: Edit security policy file.


    The security policy file (default.config, admin.config and guest.config) can be found in the /CuteEditor/Configuration/Security folder. In security policy file you can find the ImageGalleryPath element which contains the image gallery path information within Cute Editor.  By default, it contains the following value:


    <
    security name="ImageGalleryPath">~/uploads</security>
      

    You can modify the ImageGalleryPath element to meet your own requirements.

    For example:

    Use absolute path:

    <security name="ImageGalleryPath">/uploads</security>

     

    Use physical path:

    <security name="ImageGalleryPath">c:\inetpub\wwwroot\uploads</security>

     

    2: Programmatically specify the Image gallery path


    C# Example:

    //use the app-based path 

    Editor1.Setting["security:ImageGalleryPath"]= "~/uploads";
    //use the absolute path 
    Editor1.Setting["security:ImageGalleryPath"]= "/uploads";
    //use the physical path 
    Editor1.Setting["security:ImageGalleryPath"]= @"c:\inetpub\wwwroot\uploads";
    or
    //use the app-based path 

    Editor1.SetSecurityImageGalleryPath= "~/uploads";
    //use the absolute path 
    Editor1.SetSecurityImageGalleryPath= "/uploads";
    //use the physical path 
    Editor1.SetSecurityImageGalleryPath= @"c:\inetpub\wwwroot\uploads";


    VB Example:

    //use the app-based path 

    Editor1.Setting("security:ImageGalleryPath")= "~/uploads"
    //use the absolute path 
    Editor1.Setting("security:ImageGalleryPath")= "/uploads"
    //use the physical path 
    Editor1.Setting("security:ImageGalleryPath")= "c:\inetpub\wwwroot\uploads" 
    or
    //use the app-based path 

    Editor1.SetSecurityImageGalleryPath= "~/uploads"
    //use the absolute path 
    Editor1.SetSecurityImageGalleryPath= "/uploads"
    //use the physical path 
    Editor1.SetSecurityImageGalleryPath= "c:\inetpub\wwwroot\uploads" 
     
     
     
     

    asp.net Chat http://cutesoft.net/ASP.NET+Chat/default.aspx
    Web Messenger: http://cutesoft.net/Web-Messenger/default.aspx
    asp.net wysiwyg editor: http://cutesoft.net/ASP.NET+WYSIWYG+Editor/default.aspx
    asp wysiwyg html editor: http://cutesoft.net/ASP
    asp.net Image Gallery: http://cutesoft.net/ASP.NET+Image+Gallery/default.aspx
    Live Support: http://cutesoft.net/live-support/default.aspx

    Filed under:
  •  01-16-2007, 5:56 PM 25836 in reply to 21948

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    I am having similar problem.  CuteEditor cannot load images from a mapped folder, it either has to be on c: drive or a virtual \path. If I use ImageGalleryPath = "x: or "\\servername\folder" I get an error "cannot map to virtual folder". So I set up a Virtual Dir that points to my mapped folder (which by the way is on same server) and still does not work!
     
    I added ASPNET and IUSR, IWAM to Administrators group and still does not work.  I tried creating my own FileStorage class but it gets a "No more files" error in GetDirectoryFiles() routine.  I can connect to mapped folder just fine in Windows Explorer and add and delete files.  I even went to the expense to create a whole new FileStorage class but I cannot trap or override the event that keeps telling me "x:" is not a valid virtual path.
     
    Why is this so hard?  Why can't we just say ImageGalleryPath = \\servername\somefolder or "x:\somefolder".
     
    FYI my X: drive is mapped to a Sharepoint 3.0 Picture Library - when I view this folder using Windows Explorer the file names and folders display just fine and I do not get a "No more files" or a permission error.  Since ASPNET has Admin privlidges I don't believe this is permission problem.
     
    And please refreain from refering me to the "Programatically change ImageGalleryPath" article again.
     
    thanks
    Bill
     
View as RSS news feed in XML