November Happy Hour will be moved to Thursday December 5th.
AI OnAI Off
Why does my EpiServer site need access to c:\windows\system32?
Just as an addition, the App Pool for this site is running under user ApplicationPoolId, as are several other sites on this box and they don't require access to a system folder.
May 04, 2011 18:40
How do your virtual path provider configurations look? It's as if one of the physicalPath attribute values is empty (though that should cause an exception) or includes some environment variable pointing to the users profile?
May 05, 2011 7:08
From my episerver.config:
<virtualPath customFileSummary="~/FileSummary.config">
<providers>
<clear />
<add showInFileManager="true" virtualName="Page Files" virtualPath="~/PageFiles/" bypassAccessCheck="false" name="SitePageFiles" type="EPiServer.Web.Hosting.VirtualPathVersioningProvider,EPiServer" indexingServiceCatalog="Web" physicalPath="%USERPROFILE%\Intranet\PageFiles" />
<!--<add showInFileManager="false" virtualName="Virtual Path Mappings" virtualPath="~/upload/"
bypassAccessCheck="false" name="SitePathMappings" type="EPiServer.Web.Hosting.VirtualPathMappedProvider,EPiServer" />-->
<add showInFileManager="true" virtualName="Global Files" virtualPath="~/Global/" bypassAccessCheck="false" name="SiteGlobalFiles" type="EPiServer.Web.Hosting.VirtualPathVersioningProvider,EPiServer" indexingServiceCatalog="Web" physicalPath="%USERPROFILE%\Intranet\Globals" />
<add showInFileManager="true" virtualName="Documents" virtualPath="~/Documents/" bypassAccessCheck="false" maxVersions="5" name="SiteDocuments" type="EPiServer.Web.Hosting.VirtualPathVersioningProvider,EPiServer" physicalPath="%USERPROFILE%\Intranet\Documents" />
<!--
<add showInFileManager="true" virtualName="Global Files" virtualPath="~/Global/"
bypassAccessCheck="false" indexingServiceCatalog="Web" physicalPath="%EPISERVERFILESDIR%\EPiServerFiles\Globals"
name="SiteGlobalFiles" type="EPiServer.Web.Hosting.VirtualPathNativeProvider,EPiServer"
WriteAccess="Administrators" DeleteAccess="Administrators" />
-->
<add name="App_Themes_Default" virtualPath="~/App_Themes/Default/" physicalPath="C:\Program Files\EPiServer\CMS\6.1.379.0\Application\App_Themes\Default" type="EPiServer.Web.Hosting.VirtualPathNonUnifiedProvider,EPiServer" />
<add name="UIFiles" virtualPath="~/EPiServer/CMS/" physicalPath="C:\Program Files\EPiServer\CMS\6.1.379.0\Application\UI\CMS" type="EPiServer.Web.Hosting.VirtualPathNonUnifiedProvider,EPiServer" />
<add name="UtilFiles" virtualPath="~/Util/" physicalPath="C:\Program Files\EPiServer\CMS\6.1.379.0\Application\Util" type="EPiServer.Web.Hosting.VirtualPathNonUnifiedProvider,EPiServer" />
<add name="WebServicesFiles" virtualPath="~/WebServices/" physicalPath="C:\Program Files\EPiServer\CMS\6.1.379.0\Application\webservices" type="EPiServer.Web.Hosting.VirtualPathNonUnifiedProvider,EPiServer" />
<add name="EPiServerCMS" virtualPath="~/EPiServer/CMS" physicalPath="C:\Program Files\EPiServer\CMS\6.1.379.0\Application\UI\EPiServer\CMS" type="EPiServer.Web.Hosting.VirtualPathNonUnifiedProvider,EPiServer" />
<add name="EPiServerShell" virtualPath="~/EPiServer/Shell" physicalPath="C:\Program Files\EPiServer\Framework\6.2.267.1\Application\UI" type="EPiServer.Web.Hosting.VirtualPathNonUnifiedProvider,EPiServer" />
</providers>
<filters />
</virtualPath>
<!-- virtualPathMappings are used by "VirtualPathMappedProvider". -->
<virtualPathMappings>
<!--<add url="~/ExternalSample.ascx" mappedUrl="~/MappedSample.ascx" />-->
</virtualPathMappings>Not sure what I'm looking for to be honest
Thanks
Dave
May 05, 2011 10:08
You have several entries where physicalPath includes %USERPROFILE%. I doubt this is what you want because the content of your sites file folders would depend on which user runs the app pool (or even which user is logged in if you have impersonation). Since you use it for page files, global files etc, physicalPath should be a absolute physical path without variables.
May 05, 2011 10:12
Hmm, the installer should not set physicalPath that include %USERPROFILE%... Anyway if you replace %USERPROFILE% with the physical path to your vpp folder (e.g. c:\EPIServer\Sites\VPPs) it should work fine.
May 05, 2011 10:13
That worked a treat! Thanks very much!
The installer didn't set %USERPROFILE%, I created my website using the Visual Studio template and the episerver.config file was automatically generated. What is the correct way to create an EpiServer website, as the training I had tells me to use the VS template?
May 05, 2011 10:25
Ok, I thought it was a production site.
To setup a site/environment for development your approach is fine. For development you can run the site under cassini (launch it through F5 from visual studio). In that case the webserver.exe process will run under your account and you should not get the security issue you run into when the site run under IIS.
May 05, 2011 10:55
It ran fine under Cassini but I wanted to set it up as a site under IIS to find any deployment issues at the beginning of development rather than at the end. Do I need to use the EpiServer deployment service to create an initial website and then copy my published site into the folder it creates? If so will I have to manually merge the config files?
May 05, 2011 11:01
No, you can manually create a site under IIS and point it to your site. In this case however you need to configure so the account configured for the application pool has access to VPPs and site.
In case you run under IIS7 you should also make sure the schema for the web.config is IIS7 "style" (e.g. handlers instead of httpHandlers) since cassini uses the IIS6 config style.
May 05, 2011 11:07
To avoid the IIS6/IIS7 problems I generally debug using IIS instead of cassini. That way all environments are IIS7+ (dev machine is windows 7 and test and production environments are). In the project settings under web you can change so that debugging uses the IIS site instead of cassini so it will attach to IIS automatically when you hit F5. This requires the address for the IIS site to be correct in the project, the IIS site to be running and generally that you start visual studio as administrator.
May 05, 2011 11:12
That is exactly what I've done with this site so as long as I change the %USERPROFILE% to point to the VPP in the future I should be fine.
Thanks very much for your help!
Dave
May 05, 2011 11:24
This thread is locked and should be used for reference only. Please use the Episerver CMS 7 and earlier versions forum to open new discussions.
Server Error in '/' Application.
Access to the path 'C:\Windows\system32\config\systemprofile' is denied.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.UnauthorizedAccessException: Access to the path 'C:\Windows\system32\config\systemprofile' is denied.
ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6 and IIS 7, and the configured application pool identity on IIS 7.5) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.
To grant ASP.NET access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.
Source Error:
Source File: c:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\root\6ed5bed6\a80a1d81\App_global.asax.rzj41_fn.0.cs Line: 0
Stack Trace:
Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.225