Why am I still getting "Access to the path 'C:\...\...' is denied" even after granting IIS_IUSRS write permission on the directory?

Question

I've written a method on my controller that auto generates a powerpoint deck for my client and all that works fine...except I'm stuck on the part about saving the file to disk.

I'm no stranger to this concept; and "thought" that all I needed to do is grant IIS_IUSRS write permission on the directory and read permission on all parent directories. I'm using IIS 7, and I've done this before with IIS 6 granting NETWORK SERVICE the same permissions.

Just for kicks, I even gave EVERYONE write permissions on the directory and I still keep getting the Exception: System.UnauthorizedAccessException: Access to the path 'C:......\Content\PPT' is denied. (I removed some of the path for simplicity).

Is there anything else I am overlooking? The server it's on is the first one I've set up, so I just may have overlooked something?

Here's my controller method simplified:

public ActionResult CreatePowerPoint()
    {
        string path = HttpContext.Server.MapPath("~/Content/PPT");

        Aspose.Slides.Presentation presentation = new Aspose.Slides.Presentation();
        CreatePresentation(presentation);

        presentation.Save(path, Aspose.Slides.Export.SaveFormat.Ppt);

        return View();
    }
}

the presentation.Save() method takes a path and a save format...I don't know what else to try... Is there something wrong with my code? Am I creating the path incorrectly? I can also pass a Stream stream into the save method, but I am not sure if that will fix the problem.

Answer 1

I found the solution - I'm using IIS 7, and I had the application pool set to the wrong identity. In IIS 7, I simply changed the identity of the application pool my app is running on and boom, everything worked. I used NETWORK SERVICE as my identity.

Also for those using Aspose Slides, I also had to make sure the file name was in the path.

Answer 2

The application pool identity has to be set to "Network Service" (as an example of a valid user you can use to run the service). But you also have to set in IIS Admin Authentication\Anonymous Authentication enabled and Anonymous User Identity to "Application pool identity". Without this I was still gettings access denied exceptions on file upload.

Answer 3

I ran into this issue, but it was really because the files were marked as Read-Only in the NTFS FS.

In my case, it was a new FileStream(path, FileMode.Open) that was failing, and was easily corrected by replacing that with a File.Open(path, FileMode.Open, FileAccess.Read, FileShare.Read).

Bottom line, even if the file is readable, just specifying the FileMode.Open seems to default into FileAccess.ReadWrite.