An unhandled exception may occur under the following
circumstances:
• |
An ASP.NET worker process (Aspnet_wp.exe) runs under the
default ASPNET account. -and-
|
• |
You do not enable impersonation on that application.
-and-
|
• |
You try to connect to or write to an Access
database. |
Under these circumstances, you may receive one of the following
exceptions:
The Microsoft Jet database engine cannot
open the file 'C:\Nwind.mdb'. It is already opened exclusively by another user,
or you need permission to view its data.
Operation must use an updateable query.
Because of security concerns, the ASP.NET worker process
runs under the default ASPNET account. If you do not enable impersonation for
an application, all of the threads that run the requests for that application
run under the process account.
This problem occurs because the ASPNET
account does not have sufficient permissions to connect to or write to an
Access database.
To work around this problem, use one of the following
methods:
• |
Configure the ASP.NET worker process to run under the
SYSTEM account in the <processModel> section of the Machine.config
file. |
• |
For security reasons, Microsoft recommends that you enable
impersonation on your ASP.NET application. This method works if the
impersonated user has necessary permissions to the computer and the database
that you are accessing. |
• |
Grant read and write permissions for the "Everyone" group
on the database and the database folder. This method is not safe; therefore,
Microsoft does not recommend this method. |
This
behavior is by design.
When you need unlimited users, full-time support, and ACID
transactions, Microsoft strongly recommends that you use Microsoft SQL Server
with Microsoft Internet Information Services (IIS). Although Microsoft Active
Server Pages (ASP) works with any OLE DB-compliant or ODBC-compliant database,
IIS has been extensively tested. IIS is designed to work with Microsoft SQL
Server on high transaction traffic and with unlimited users, which can occur in
an Internet scenario.
Note "ACID" is an acronym for the four properties of
transaction-processing systems: Atomicity, Consistency, Isolation,
Durability.
ASP supports the use of the Microsoft Jet database engine
as a valid data source. However, Microsoft ODBC Driver for Access and Microsoft
OLE DB Provider for Jet are not intended for use with high-stress,
high-concurrency, full-time server applications (such as Web applications,
commerce applications, transactional applications, messaging servers, and so
on).
Steps to reproduce the behavior
1. |
Create a new ASP.NET Web Application project in Microsoft
Visual C# .NET. |
2. |
Add the following code to the "Declaration" section of your
Web Form, which appears at the top of the Code window:
using System.Data.OleDb;
|
3. |
Add the following code to the Page_Load event:
String myConn ="Provider=Microsoft.JET.OLEDB.4.0;Data Source=C:\\Nwind.mdb;"; String myQuery = "Insert into Customers(CustomerID,CompanyName) Values ('aaaaa', 'aaaaa')";
OleDbConnection cn = new OleDbConnection(myConn); cn.Open(); OleDbCommand cmd = new OleDbCommand(myQuery, cn); cmd.ExecuteNonQuery(); cn.close();
|
4. |
Modify the connection string as appropriate for your
environment. |
5. |
Compile the project. |
6. |
View WebForm1.aspx in your browser. Notice that you receive
one of the above-mentioned exceptions. |
For additional information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
306590 (http://support.microsoft.com/kb/306590/)
ASP.NET security overview
307626 (http://support.microsoft.com/kb/307626/) ASP.NET configuration overview
For more information about the
<processModel> section, visit the following Microsoft Developer Network (MSDN)
Web site: