stackoom
  简体   繁体   中英

Web Service Confusion - IIS - How to get web site's current directory and permissions issues

 原文  2012-06-05 21:07:14       c#/ .net/ web-services/ iis/ .net-3.5

Question

I have a few newbie web service/Windows rights questions since I've typically been a LINUX/embedded dev in the past.

What directories does a web service executing on a server have access to by default?

I ask because I tried to write to C:\\ and got an access violation. I kind of assumed I would in this case, but I assume there are some areas of the file system the web service can write to and read from by default, right? Or is it just the current working directory?

* How can I give a web service permissions to look at a new directory it didn't have default access to? *

This is C# - ASMX - .NET 3.5 - IIS

1 answers

solution1
 1 ACCPTED  2012-06-05 21:21:18

The WebService doesn't really have any associated access controls associated with it (in a sense). It is however tied to the access control of the user account which is being used to run the application. By default this is usually some built in user account with limited permissions.

IIS uses a number of built-in Windows accounts, as well as accounts that are specific to IIS. For security reasons, you should be aware of the different accounts and their default user privileges. It can be a security risk to change the identity of a worker process so that it runs as an account with a high level of access, such as the LocalSystem user account.

See a list of possible user accounts here: http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/3648346f-e4f5-474b-86c7-5a86e85fa1ff.mspx?mfr=true

If you have Anonymous Authentication enabled you can usually check the settings on that to see which account is being used to run the web service. (Depending on which version of IIS you are using, clicking Edit should let you view the default user account)

After finding the account, usually you will have to explicitly grant it the permissions on the folders (read and write) that you want to give it access to. The default user account usually has pretty limited access (and for good reason). You can grant permissions on the Security tab of the properties of any of the folders on a Windows file system (Properties->Security)

If you're using Windows Authentication , then you should have the same access rights as the authenticated user using the application as long as the resources are local to the IIS server.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How do I get the current directory in a web service Get current date from user's computer on web site How to get “Browse” URL for web site in IIS using C#? how to register a web service in iis? Get IIS Web Site Application Name how to give a windows web server directory permissions? How to Get Site ID and site status in IIS 7 using Web Administration C# How to deal with old web site with security issues? Web Service deployment in IIS? Getting the current directory in an assembly used by a web service app and windows service
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM