Live Support, Chat, Upload Control and Rich Text Editor
Welcome to Support forums Sign in | Join | Help |Client Center
in Search

Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

Last post 01-16-2007, 5:56 PM by bbrace. 11 replies.
Sort Posts: Previous Next
  •  08-14-2006, 10:29 AM 21794

    Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    I am recieving a Security Exception which is being thrown under .NET 2.0 Medium Trust While Uploading Files/Media. To recreate the problem:
     
    1) Highlght text in CE
    2) Click on PDF icon
    3) Browse to a file
    4) Click Upload
    5) Page will refresh with Security exception. Sorry, can't copy and paste error message.
     
     
    Notes
    - Using latest Build 5.3 with .net 2 DLLs
    - Upload directories have all write permissions set correctly
     
    Any Help appreciated.
     
    Jamie
  •  08-14-2006, 12:46 PM 21795 in reply to 21794

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    Jamie,
     
    I don't have any clue now. Cute Editor should work ok under .NET 2.0 Medium Trust environment.
     
    Is your site online so you can provide a testing URL?
     
    Or can you post a screenshot?
     
     

    asp.net Chat http://cutesoft.net/ASP.NET+Chat/default.aspx
    Web Messenger: http://cutesoft.net/Web-Messenger/default.aspx
    asp.net wysiwyg editor: http://cutesoft.net/ASP.NET+WYSIWYG+Editor/default.aspx
    asp wysiwyg html editor: http://cutesoft.net/ASP
    asp.net Image Gallery: http://cutesoft.net/ASP.NET+Image+Gallery/default.aspx
    Live Support: http://cutesoft.net/live-support/default.aspx

  •  08-14-2006, 1:31 PM 21797 in reply to 21794

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

  •  08-15-2006, 12:30 PM 21822 in reply to 21797

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    THanks - read the thread, although I did not see a direct solution. THe ISP uses UNC and medium trust. The partially truysted callers errors disappeared with 2.0 dlls, however now I'm seeing this error...
  •  08-15-2006, 12:39 PM 21823 in reply to 21822

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    In addition, here is a test link for your review...
     
     
    Thanks,
     
    Jamie
  •  08-16-2006, 12:02 PM 21885 in reply to 21823

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    Guys does anyone have any insight into this one? Any feedback appreciated...
     
    Cheers,
     
    Jamie
  •  08-16-2006, 12:33 PM 21890 in reply to 21822

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    jattwood:
    THanks - read the thread, although I did not see a direct solution. THe ISP uses UNC and medium trust. The partially truysted callers errors disappeared with 2.0 dlls, however now I'm seeing this error...
     
    Please check the following thread:
     
    Writing to a UNC path with the uploading tools
     
     
    Keep me posted
     
     

    asp.net Chat http://cutesoft.net/ASP.NET+Chat/default.aspx
    Web Messenger: http://cutesoft.net/Web-Messenger/default.aspx
    asp.net wysiwyg editor: http://cutesoft.net/ASP.NET+WYSIWYG+Editor/default.aspx
    asp wysiwyg html editor: http://cutesoft.net/ASP
    asp.net Image Gallery: http://cutesoft.net/ASP.NET+Image+Gallery/default.aspx
    Live Support: http://cutesoft.net/live-support/default.aspx

  •  08-17-2006, 10:17 AM 21932 in reply to 21890

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    Thanks Adam, I'm really at a loss here. I have tried by adding the following to system web in the web.config:

    <
    identity impersonate="true"/>
     
    Since this is on an ISP, I have no control over domain user names, passwords, etc. When I tried to add domain information, with the admin username and password provided with the account, the entire site bombs with a web.config error / bad user name password.
     
    I'm trying to write to a publicly accessible directory.
     
    Not sure why I have to go to all this effort to upload a file. Is there not anyway to hard code this path anywhere in the CE configuration?
     
    The physical path in this case is: \\NAS1\Home\W\WJM697\www\documents
     
    The client is getting pissed, so I would really appreciate any specific feedback as soon as you can.
     
    Cheers,
     
    Jamie
     
     
     
  •  08-17-2006, 11:56 AM 21936 in reply to 21932

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    Jamie,
     
    What we are dealing with is not a CuteEdtior issue.
     
    It's about Upload Files Using ASP.NET Impersonation and UNC Share.
     
    Your situation:
     
    The Image Gallery Path is a virtual folder located in a remote machine other than the local web server. The uploaded files needs to be stored in this remote location and mapped to the web server using a virtual folder pointing to a UNC share.
    The problem happens when we try to upload a file using this virtual folder pointing to UNC share. Local ASPNET account does not have access to the network resources by default.
     
    Solution:
     
    So we have to impersonate to access this remote resource. If you have a domain account, please check the above article. If not, please follow the steps below:
     
    1. Create a local user account in local web server. UserName: myUNC_user, password: whatever.
     
    2. Create a local user account in remove web server. UserName: myUNC_user, password: whatever. Please note that this account has the same username and password as the local account.
     
    3. Give full control permission for impersonated user on .....Microsoft.NET\Framework\v2.0.50727.42\Temporary folder.
     
    Please try the above solution and create a simple upload file to test it.
     
    Keep me posted
     
     
     
     
     

    asp.net Chat http://cutesoft.net/ASP.NET+Chat/default.aspx
    Web Messenger: http://cutesoft.net/Web-Messenger/default.aspx
    asp.net wysiwyg editor: http://cutesoft.net/ASP.NET+WYSIWYG+Editor/default.aspx
    asp wysiwyg html editor: http://cutesoft.net/ASP
    asp.net Image Gallery: http://cutesoft.net/ASP.NET+Image+Gallery/default.aspx
    Live Support: http://cutesoft.net/live-support/default.aspx

    Filed under:
  •  08-17-2006, 12:46 PM 21938 in reply to 21936

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    Thanks Adam, forgive my ignorance here, but I guess what I am not understanding here is that I can very easily upload a file to a unc share (on the same ) using the following:
     
    myfile.SaveAs(Server.MapPath("~/Core/images/staff/") + myfile.FileName);
     
    but the same file path specified in CE config cannot achieve the same:
     
     <security name="FilesGalleryPath">~/documents</security>
     
    I guess CE upload does not use Server.MapPath() for some reason?
     
    So I guess you can see my point that it is a CE issue? I'm not trying to be difficult here, it's just that it seems like a lot of work just to make the file upload work remotely in a situation where and ISP uses UNC.
     
    Thanks,
     
    Jamie
     
     
  •  08-17-2006, 2:22 PM 21948 in reply to 21938

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    Jamie,
     
    >>it's just that it seems like a lot of work just to make the file upload work remotely in a situation where and ISP uses UNC.
     
    It needs some configurations. Because the local ASPNET account or NETWork Service account don't have permission to access the remove server by default.
     
    >><security name="FilesGalleryPath">~/documents</security>
     
    The application based file path is supported by CuteEditor as well.

    How to specify the Image gallery path?

    You can easily specify the image gallery path using the following methods:

    1: Edit security policy file.


    The security policy file (default.config, admin.config and guest.config) can be found in the /CuteEditor/Configuration/Security folder. In security policy file you can find the ImageGalleryPath element which contains the image gallery path information within Cute Editor.  By default, it contains the following value:


    <
    security name="ImageGalleryPath">~/uploads</security>
      

    You can modify the ImageGalleryPath element to meet your own requirements.

    For example:

    Use absolute path:

    <security name="ImageGalleryPath">/uploads</security>

     

    Use physical path:

    <security name="ImageGalleryPath">c:\inetpub\wwwroot\uploads</security>

     

    2: Programmatically specify the Image gallery path


    C# Example:

    //use the app-based path 

    Editor1.Setting["security:ImageGalleryPath"]= "~/uploads";
    //use the absolute path 
    Editor1.Setting["security:ImageGalleryPath"]= "/uploads";
    //use the physical path 
    Editor1.Setting["security:ImageGalleryPath"]= @"c:\inetpub\wwwroot\uploads";
    or
    //use the app-based path 

    Editor1.SetSecurityImageGalleryPath= "~/uploads";
    //use the absolute path 
    Editor1.SetSecurityImageGalleryPath= "/uploads";
    //use the physical path 
    Editor1.SetSecurityImageGalleryPath= @"c:\inetpub\wwwroot\uploads";


    VB Example:

    //use the app-based path 

    Editor1.Setting("security:ImageGalleryPath")= "~/uploads"
    //use the absolute path 
    Editor1.Setting("security:ImageGalleryPath")= "/uploads"
    //use the physical path 
    Editor1.Setting("security:ImageGalleryPath")= "c:\inetpub\wwwroot\uploads" 
    or
    //use the app-based path 

    Editor1.SetSecurityImageGalleryPath= "~/uploads"
    //use the absolute path 
    Editor1.SetSecurityImageGalleryPath= "/uploads"
    //use the physical path 
    Editor1.SetSecurityImageGalleryPath= "c:\inetpub\wwwroot\uploads" 
     
     
     
     

    asp.net Chat http://cutesoft.net/ASP.NET+Chat/default.aspx
    Web Messenger: http://cutesoft.net/Web-Messenger/default.aspx
    asp.net wysiwyg editor: http://cutesoft.net/ASP.NET+WYSIWYG+Editor/default.aspx
    asp wysiwyg html editor: http://cutesoft.net/ASP
    asp.net Image Gallery: http://cutesoft.net/ASP.NET+Image+Gallery/default.aspx
    Live Support: http://cutesoft.net/live-support/default.aspx

    Filed under:
  •  01-16-2007, 5:56 PM 25836 in reply to 21948

    Re: Security Exception Thrown under .NET 2.0 Medium Trust While Uploading Files/Media

    I am having similar problem.  CuteEditor cannot load images from a mapped folder, it either has to be on c: drive or a virtual \path. If I use ImageGalleryPath = "x: or "\\servername\folder" I get an error "cannot map to virtual folder". So I set up a Virtual Dir that points to my mapped folder (which by the way is on same server) and still does not work!
     
    I added ASPNET and IUSR, IWAM to Administrators group and still does not work.  I tried creating my own FileStorage class but it gets a "No more files" error in GetDirectoryFiles() routine.  I can connect to mapped folder just fine in Windows Explorer and add and delete files.  I even went to the expense to create a whole new FileStorage class but I cannot trap or override the event that keeps telling me "x:" is not a valid virtual path.
     
    Why is this so hard?  Why can't we just say ImageGalleryPath = \\servername\somefolder or "x:\somefolder".
     
    FYI my X: drive is mapped to a Sharepoint 3.0 Picture Library - when I view this folder using Windows Explorer the file names and folders display just fine and I do not get a "No more files" or a permission error.  Since ASPNET has Admin privlidges I don't believe this is permission problem.
     
    And please refreain from refering me to the "Programatically change ImageGalleryPath" article again.
     
    thanks
    Bill
     
View as RSS news feed in XML
Powered by ASP.Net
Copyright 2003 - 2017 CuteSoft Components Inc.. All rights reserved.