I've got an error with my Web Part that is driving me Insane. I Keep getting the following error when I try to create a file:
Error raised by Precedents Manager Error Log.
Message: System.UnauthorizedAccessException: Access to the path "\\CWBSSQLDEV\PrecedentsTree\Temp\633048097168871048_PrecedentSample1.doc" is denied.
at PrecedentsManager.TempFileManager.CreateTemporaryFile(HttpPostedFile file, String tempPath, String locPath)
at PrecedentsManager.AddPanel.but1_Click(Object sender, EventArgs e) Precedents Manager(2)
Source: Precedents Manager(2)
For more information, see Help and Support Center at
The File is Being created on a Shared Directory at CWBSSQLDEV. This dir has been given so many access rights that a local machine account in Albania could probably access it. I've tried loads of things but here are the general approaches I've tried.
The Web Part was in a Bin Directory and Signed with a Public Key that gave it high privillages on our Network. I tried fiddling with the Sharepoint Policy File but after meeting with little success I moved the WP into the GAC. According to the policy file
this should have given it Full Trust but i'm still getting the error.
As default the Sharepoint web.config has Impersonation enabled. My account is already a Domain Admin but I tried using one of our Administrator accounts just to be sure. I dumped out the GetCurrentWindowsIdentity() to the HtmlOutput and it seems to be correctly
picking me up (ie my Account name appeared).
I've enabled Security Auditing on Both the Sharepoint Server and the Server with the File Share. the SPS box does not display any failed access attempts (just Logon/Log Off success messages) and the Box with the Share doesn't even display attempted logins,
as if the call isn't even getting that far.
Just to tick off the obvious, Both Servers are in the Same domain. we have Sharepoint set up to use a service account which is running as a Domain Admin.
The Code doesn't do anything cunning, just makes a straight File.Create("Path"). To be honest, I'm a bit out of my depth here when it comes to Security Tokens and all the rest of it. I read an article about Setting the Windows Indentity using Impersonation
but if I'm already doing this through the web.config I don't see why this would help?
There are probably other things but they were mainly stabbing in the dark (well most of it has been stabbing in the dark!). I've reached the point where I have no idea what to try, Anyone got any ideas?
This bug was caused by the dreaded (bum bum buuuuhh) Double Hop issue. If you are unfamiliar with this then I suggest you type "Double Hop" into google asap to prevent you ever having to go through the same frustration I did.
The solution to the double hop is to acquire a new Identity for the current process on the Web Server. In my case I Impersonated the application pool which gave me enough privallages to write my files.
O11Y
Participant
1053 Points
315 Posts
Sharepoint Unauthorized Access Exception on File.Create()
Jan 19, 2007 12:54 PM|LINK
Hello,
I've got an error with my Web Part that is driving me Insane. I Keep getting the following error when I try to create a file:
Error raised by Precedents Manager Error Log.
Message: System.UnauthorizedAccessException: Access to the path "\\CWBSSQLDEV\PrecedentsTree\Temp\633048097168871048_PrecedentSample1.doc" is denied.
at PrecedentsManager.TempFileManager.CreateTemporaryFile(HttpPostedFile file, String tempPath, String locPath)
at PrecedentsManager.AddPanel.but1_Click(Object sender, EventArgs e) Precedents Manager(2)
Source: Precedents Manager(2)
For more information, see Help and Support Center at
The File is Being created on a Shared Directory at CWBSSQLDEV. This dir has been given so many access rights that a local machine account in Albania could probably access it. I've tried loads of things but here are the general approaches I've tried.
There are probably other things but they were mainly stabbing in the dark (well most of it has been stabbing in the dark!). I've reached the point where I have no idea what to try, Anyone got any ideas?
Thanks very much,
Olly
O11Y
Participant
1053 Points
315 Posts
Re: Sharepoint Unauthorized Access Exception on File.Create()
May 17, 2007 09:25 AM|LINK
This bug was caused by the dreaded (bum bum buuuuhh) Double Hop issue. If you are unfamiliar with this then I suggest you type "Double Hop" into google asap to prevent you ever having to go through the same frustration I did.
The solution to the double hop is to acquire a new Identity for the current process on the Web Server. In my case I Impersonated the application pool which gave me enough privallages to write my files.
Hope this helps someone.
Cheers,