How to Upload File using Application Pool identity instead of Logged User Identity- ASP.NET MVC Impersonation
I am working on a ASP.NET MVC Web application. I have situation where i want to upload a file using application pool identity instead of Logged user identity. I want to use app pool identity only while uploading Files. All other places ,I want to use Logged user identity Itself. Application is hosted in two servers, Server1 and Server2.Shared folder is located in Server1.
Currently I am uploading Files as shown below
[HttpPost]
public JsonResult Upload()
{
string fileUniqueName = string.Empty;
try
{
for (int i = 0; i < Request.Files.Count; i++)
{
HttpPostedFileBase file = Request.Files[i];
string fileName = file.FileName;
fileUniqueName = string.Format("{0}_{1}_{2}",
Path.GetFileNameWithoutExtension(file.FileName),
DateTime.Now.ToString("yyyyMMdd_HHmmss_FFF"),
Path.GetExtension(file.FileName));
string tempFileUploadFolderPath = ConfigurationManager.AppSettings["TempFolderPath"];
Directory.CreateDirectory(tempFileUploadFolderPath);
string fileFullpath = Path.Combine(tempFileUploadFolderPath, fileUniqueName);
file.SaveAs(fileFullpath);
}
}
catch(Exception)
{
Response.StatusCode = (int)HttpStatusCode.BadRequest;
return new JsonResult
{
Data = ""
};
}
return new JsonResult
{
Data = fileUniqueName
};
}
I have below setting in web.config
<authentication mode="Windows" />
<identity impersonate="true" />
Can anyone help to rewrite above code where File Upload works on Application Pool Identity instead of logged user identity. File is uploading to folder where Application is hosted.
After reading the document and actual testing, I can now give you a detailed answer.
As you mentioned in the previous thread, if users in the non-AD group want to be able to upload files to the folder, they need to perform the upload operation as the application pool identity. But you have enabled impersonation, so when you log in as a non-AD group user, IIS will override the application pool identity with your logged-in account. If impersonate is set to false, the upload will be performed as the application pool identity and the file will be saved to the folder.
However, if impersonate is set to false in the entire site, any operations performed by non-AD users on other pages will also be performed as the application pool identity.
So you can set impersonate to true for the entire site, only the upload page impersonate is false. Just select the view folder in IIS, switch to content view, select a cshtml and right-click switch to the teatures, and then disable impersonate in authentication. Like this
Some useful blog you can refer to: Users access to disk
When using Windows authentication, the application pool identity (e.g. IIS Apppool\Site001) is used for some access but the Windows account (e.g. User1) is used for other access. It depends on the impersonation settings of your application or framework that you’re using. Therefore, you would generally need to grant access to the application pool identity, plus every Windows account (e.g. User1, User2, User99) which needs access to your site.
- 2D Array. Set all values to specific value
- Is string.Length in C# (.NET) instant variable?
- .NET Where to start a RabbitMQ Client connection in a web application
- RDLC Report Data not refreshing and crashing Visual studio
- Catch External API Error Message as in Postman Body
- How to represent Unicode characters in an API
- Connecting through Https sites
- How to force inner join in Include?
- How to programatically do file versioning with SVN and .NET?
- Completely replace an indexing JSON in Cosmos DB using the .NET API
- Difference between Google.Cloud.Compute.V1 and Google.Apis.Compute.v1
- Optimize in Z3 .NET API giving incorrect results - bug?
- Trying to integrate PayPal checkout express, using classes\dll provided by PayPal, getting: Could not load file or assembly 'log4net
- What is the Microsoft.Practices.Unity ResolverOverride equivalent in Microsoft.Extensions.DependencyInjection
- Getting Windows user's name in "Firstname Lastname" format when user is part of a group
- unable to get results from jsoup while giving post request
- IQueryable<T> extension method to take data in batches
- Missing "Platforms" folder when setting up a .NET MAUI project for xUnit testing
- Execute certain logic till it meets the requirement
- Sharing cache between two MVC applications
- How to install the .NET Native AOT compiler (ilc) for command-line usage outside of dotnet?
- ASP.NET Core 8 : singleton pattern with HttpContextAccessor does not work together
- .net Custom Configuration How to case insensitive parse an enum ConfigurationProperty
- Pragmatic use of code-behind in MVVM pattern
- Npoi Round Formula
- Disabling Smooth Scrolling on Richtextbox
- Is there any possible way to send Udp requests faster in SharpPcap (.NET 8)?
- SignInManager always fails for TwoFactorAuthenticatorSignInAsync() and TwoFactorSignInAsync()
- Any way to add arrays into HTTP request URI by using C#?
- How to start creating an application API in .NET