Servicing HTTP PUT from .ashx handler in ASP.NET without tweaking file permissions
I've got an .ASHX handler I want to use to process an HTTP PUT to allow me to upload files to the web server--the .ASHX file actually uploaded data and sticks the file elsewhere, so it never actually touches the disk here.
I've set the web.config to allow it to handle HTTP PUT, but IIS won't pass the request to my code unless I set the ACLs on the .ASHX files themselves to be writable--Which is kinda silly, since we're not actually going to write to those files.
If I set the ACLs, it works fine, but I'd like to be able to process the file without having to set the ACLs at all (I'm sure there's an appropriate way to make IIS just pass the HTTP PUT to the .ASHX file without checking the permissions on the file itself.
This is on Win2008 R2 (actually, it's on Azure's 2008 R2, but should be the same), using .NET 4.0
401 - Unauthorized: Access is denied due to invalid credentials. You do not have permission to view this directory or page using the credentials that you supplied.
There are several roadblocks to getting PUT (and DELETE) working with ASP.NET. Since you mention Win2008 R2 (IIS 7.5) I would check to see if the errors you are seeing mention the WebDAV module or handler.
WebDAV is enabled by default as of IIS 7.5. It will interfere with HTTP PUT and DELETE verbs on ASP.NET handlers and modules. If you're implementing a RESTful service you likely don't even utilize this functionality. Disable it via your web.config.
<system.webServer> <modules> <remove name="WebDAVModule" /> </modules> <handlers> <remove name="WebDAV" /> </handlers> </system.webServer>
Some other solutions are mentioned in this forum post entitled HTTP Error 405 With ASP.Net MVC and HTTP PUT on IIS 7.5.