Classic ASP - FileSystemObject - FileExits - Authentication Failure
FileSystemObject.FileExist method will fail while trying to access a remote folder from classic asp page (or VBScript). The FileExist method will return a False and not any error even though the file exist in the remote folder.This is because the IIS Anonymous Access User - IUSR_<MachineName> does not have permission to access the remote folder.
In ASP.NET, this could be solved by impersonating a specific Identity (identity impersonate=true) in the web.config file. But in the classic ASP world, the default impersonating account is the IIS anonymous access account - IUSR_<MachineName> and there is no web.config file to point to a specific user.
Obviously, the easiest option is to give IUSR_<MachineName> rights to access the remote folder, but practically not feasible in a real world scenario.
If it is a tiny project & if the project does not require integrated windows authentication then the alternate quick solution is to create a domain account and make that account as the anonymous access user for the whole web app or if you could isolate that specific code page to a separate folder under the web app, then that specific folder in IIS -
IIS -> Web App Folder -> Properties -> Directory Security -> Authentication & Access Control -> Anonymous Authentication
- Replace the IUSR_<MachineName> account in the above location with the newly created domain account
- Give the new domain account rights to access the remote folder.
In the case where the code actually throws an error like - 'Permission denied', 'Path not found' etc. then the Microsoft's solution of giving IUSR_<MachineName> access to remote folder can be found in this Knowledge Base article.
Labels: "Classic ASP", Access Control, Anonymous Access account, Authentication, Failure, FileExists, FileSystemObject, Identity, IIS, Impersonation, IUSR_MachineName, Permission Denied
posted by Shanmuganathan Sivaraj at
10:47 PM
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]