[英]ASP.NET - I am generating an .XLS file with a DLL, how do I grant permissions for writing to file? (IIS 7)
I'm generating an .XLS file with a DLL (Excel Library http://code.google.com/p/excellibrary/ ) 我正在用DLL生成.XLS文件(Excel库http://code.google.com/p/excellibrary/ )
I've added this DLL as a reference to my project. 我已添加此DLL作为对我的项目的引用。
The code to save the .XLS to disk is running, but it's encountering a permissions issue. 将.XLS保存到磁盘的代码正在运行,但是遇到权限问题。
I've attempted to set full access for IUSRS, Network Service, and Everyone just to see if I could get it working, and none of these seems to make a difference. 我试图为IUSRS,网络服务和每个人设置完全访问权限,只是为了看看我是否可以使它正常工作,而这些似乎都没有任何作用。
Here's where I'm trying to write the file: 这是我要写入文件的位置:
c:/temp/test1.xls
Here's the error: 这是错误:
[SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.]
System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) +0
System.Security.CodeAccessPermission.Demand() +54
System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) +2103
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy) +138
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share) +89
System.IO.File.Open(String path, FileMode mode, FileAccess access, FileShare share) +58
ExcelLibrary.Office.CompoundDocumentFormat.CompoundDocument.Create(String file) +88
ExcelLibrary.Office.Excel.Workbook.Save(String file) +73
CHC_Reports.LitAnalysis.CreateSpreadSheet_Click(Object sender, EventArgs e) in C:\Users\brian\Desktop\Enterprise Manager\CHC_Reports\LitAnalysis.aspx.vb:19
System.Web.UI.WebControls.Button.OnClick(EventArgs e) +115
System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +140
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +29
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +11041511
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +11041050
System.Web.UI.Page.ProcessRequest() +91
System.Web.UI.Page.ProcessRequest(HttpContext context) +240
ASP.litanalysis_aspx.ProcessRequest(HttpContext context) +52
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +599
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +171
Any idea what I need to do to diagnose the permissions issue and allow the file creation? 我需要做什么来诊断权限问题并允许文件创建吗?
Thanks. 谢谢。
I think this doesn't have to do with the file security, but rather .NET code access security. 我认为这与文件安全性无关,而与.NET代码访问安全性有关。 You can install the .NET SDK which will add something like ".NET 2.0 Configuration" in Administrative Tools where you can configure it, or use the caspol command line utility.
您可以安装.NET SDK,它将在管理工具中添加类似“ .NET 2.0配置”的内容,您可以在其中进行配置,也可以使用caspol命令行实用程序。 Also, check this article specifically for ASP.NET: http://msdn.microsoft.com/en-us/library/ms998326.aspx
另外,请查看专门针对ASP.NET的本文: http : //msdn.microsoft.com/zh-cn/library/ms998326.aspx
Edit: Now that I look a bit more, notice CodeAccessSecurity Engine. 编辑:现在,我看起来更多了,请注意CodeAccessSecurity Engine。 It definitely seems to be what I thought.
绝对是我的想法。 You give or deny specific permissions to .NET applications based on URI, strong name, etc. Those permissions include access to files, the registry, etc.
您可以基于URI,强名等授予或拒绝对.NET应用程序的特定权限。这些权限包括对文件,注册表等的访问。
When writing a file to the HDD from IIS, you need to set "write" permissions on the folder (for your example, c:\\temp). 从IIS将文件写入HDD时,您需要在文件夹上设置“写入”权限(例如c:\\ temp)。 This is because some IO processes delete, then recreate a file (instead of just updating), and the permissions are destroyed when the file is deleted.
这是因为某些IO进程先删除,然后重新创建文件(而不只是更新),并且删除文件时会破坏权限。 Usually, you need to grant read/write to IUSR*, IWAM* and ASPNET.
通常,您需要授予对IUSR *,IWAM *和ASPNET的读/写权限。
I believe that Nelson was on the right track for 90% of people that run into this error... and I believe that tgolisch was on the right track for about 8% of the remaining. 我相信Nelson对于90%遇到此错误的人来说是正确的道路...我相信tgolisch对于其余大约8%的人是正确的道路。
However, the application pool that was serving up my application apparently did not have specific rights to write to the folders in question. 但是,为我的应用程序提供服务的应用程序池显然没有特定权限来写入相关文件夹。 Therefore, I switched the application pool being used to serve up the application to run under the context: Local System.
因此,我切换了用于服务应用程序的应用程序池,以便在上下文中运行:本地系统。
When I deploy the application, I will need to determine which identity the application pool is running under and verify that it has access to the appropriate folders. 部署应用程序时,我需要确定应用程序池在哪个身份下运行,并验证它是否有权访问适当的文件夹。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.