Friday, 13 August 2010

Upload a file to an UNC path

ASP.NET File Upload

In ASP.NET the file upload control is used to upload the files. The following code describes how the files are uploaded in ASP.NET

FileUploadTest.aspx


FileUploadTest.aspx.cs
The above code will upload the file selected through the file upload control to the folder called "uploaddir" residing in the web application path. The upload also is having a limitation. The maximum size of the file is restricted to 4 MB by default by Microsoft. This information resides in the machine.config file. The value for the “maxRequestLength” attribute of the httpRuntime configuration section. This change affects the whole computer. The section looks like this:
When there is more than one application running in the same machine, and all the application that uses the file upload this could be a problem as all the applications now will be allowed to upload the file up to 8 MB as the configuration for the machine has been changed. If this needs to be restricted, the httpRuntime configuration section should be overridden in the web.config file of the particular application for the maximum allowed file size for the application.

The following code shows how to override the httpRuntime section in the web.config section.

[Here the file size is set to 20MB]
  
The above code allows changing the upload limit to 20 MB in the web application.  The following code allows changing the upload limit to 20 MB for a specific folder in the web application.

By using the following code, we can ask the user not to upload a file of more than 20 MB.

 
So now we are familiar with the asp.net file upload as well large file upload. But in some cases, the file server that stores the files may not be the same as the server in which the web application is running. In this case how we can upload the file. For this only the UNC uploading lends a hand to upload the file in such scenario.  Now we need to know what an UNC path is, right. Here is the help about the UNC path in Microsoft environment.

What is an UNC?
 
The Microsoft Windows UNC, short for Universal Naming Convention or Uniform Naming Convention, specifies a common syntax to describe the location of a network resource, such as a shared file, directo-ry, or printer on a local area network (LAN). The UNC syntax for Windows systems has the generic form such as "\\ComputerName\SharedFolder\Resource".

The UNC Path can be assigned with the drive name in the system that is accessing the folder. For exam-ple, if the "System-A" have the shared folder called "MySharedDir", then the UNC path can be accessed from "System-B" in such a way that "\\System-A\MySharedDir". Otherwise we can create a drive letter by mapping the folder to the "System-B" in the following way:
  1. Double-click the "My Computer" icon in System-B
  2. Click on "Tools" menu and select "Map Network Drive". It opens a dialog box.
  3. In the dialog box select the "Drive" and provide the shared path (\\system-A\MySharedDir) in the "Folder" box. Select the check-box "Reconnect at Logon" to connect the folder automatically next time. Otherwise the system will disconnect the network drive whenever the System-B is switched off.
  4. Click on "Finish" button to complete the mapping. The mapped folder will open immediately in the system-B with the title "MySharedDir on System-A". We can also provide different label to the mapped path.
So we created an UNC path. This is the direct way. If both the systems (folder sharer as well the mapped system) are under the same domain/workgroup then this will work. If both the machines are under differ-ent domains then there must be a trust created between these two domains so that the machine that maps the network resource/folder will have the correct permissions to read, write or change.

Now we are ready to upload the files into a file server that is separated from the web server. But is it safety to directly give the UNC path in the given web application. It is considered to be safe to use the UNC path directly in an intranet site but it is better not to use the UNC path directly in the internet site. So now we are going to see how to upload the files to the UNC path for the internet.

1. For this first create a virtual directory in the IIS that refers the UNC path (shared folder) as the physical directory.


2. As the part of security measure, the IIS will ask for a User Name and password. Whenever we are uploading the files to the folder, the IIS uses this user name and password for accessing the folder. So give a user name and password. The user name should be plain text; not to prefix the domain name or the workgroup name to the user name (“username” instead of “domain-name\username”).



3. When you click on the next, the dialog will ask to confirm the password.


4. Now grant the permissions that you want to give to this Virtual Directory. As we are going to upl-oad files into this folder only write permission other than the default (Read and Run Scripts) is enough.


5. Now click finish to complete the virtual directory creation.


As we provided the user name and password to access the virtual directory in the above steps, the ma-chine that runs the web application as well the machine that holds the physical path of the virtual directory should have the same user name and password. To create the user name and password use the following steps.

1. Right click the “My Computer” icon and select “Manage” from the menu popping out.


2. It opens the computer management console. Expand the “Users and Groups” section in the left panel.
Right click on the “Users” and select “New User” option from the menu.


3. Provide the necessary details like username, full name and the password. Unselect the option “User must change the password at next logon” and select the option “Password never expires”.




4. Click on “Create” and if the password meets the password policy of the company or the user name does not exists, the new user will be created on the system. Otherwise the fields have to be changed accordingly and click on “Close” after the successful creation of the user.


5. By clicking the user option in the left panel, we can confirm the creation of the user name.



6. Then click on the groups and double click the “Administrators” group. Click on the “Add User” button and add the user we created and click on "OK" to give the user administrative permission.

As well follow the above six steps in the machine that have the physical folder to have the same user. For the shared folder, the access permission (Read, Write, and Modify) for the following users should have been given in the sharing permission as well in the security tab.
  1. Administrators
  2. The user name we created.
  3. Local Service
  4. Network Service
  5. ASPNET Machine Account
Now we are ready to write our code to upload the files to the path existing in a file server that is existing in the same network/different network.

For this we need to read the matabase of the IIS. In windows server 2000 or later versions, which are running IIS 5 or greater versions, you can find the metabase.xml file in the “%Syste-mRoot%\System32\Inetsrv” folder (For example “C:\Windows\System32\Inetsrv”). We can read this xml file to get the path of the virtual directory. But it is not safe as if there is any issue happens to this file, the IIS will crash. So we dump this solution to read the physical path of the virtual directory from the metabase.xml file.

So I have written a utility to detect the path from the IIS. Let’s call it as common utility and the function name is “GetPhysicalPath” and the return type is “string” and a function to get VirtualPath “GetVirtual-Path”. The utility goes like the following:


 
Here we used the metabase path to query the virtual directory:


In the above metabase path, I referred to the “localhost” because it is running from my client (windows xp) system. If the application is running on a proper web server (windows 2000/2003/2008) then provide the IP address (Primary DNS) or the server name for the application.
 
As the metabase is based on the Active Directory, we are using the DirectoryEntry class to query the IIS metabase. The “VirtualDirectoryName” parameter will have the virtual directory name we created (MyUploads) and the functions finally return the physical path. We need to attach the file name from the file upload control and upload the file.
 
Oops!! In the flow I forgot one thing to say. You need to impersonate the user we created.


Happy researching and coding!!!

Signed
The Techno Dork

1 comment:

  1. Asp:fileupload has one limitation.. It doesn't work inside Updatepannel.... Please let me know if you know any solution for this?
    other is there any way to do client validation?
    My above two question are not related to above post entirly.. but partially.... waiting for response.

    ReplyDelete