ASP.Net服务器上的进程无法通过IIS正确运行 [英] Process on ASP.Net server not running correctly over IIS
问题描述
我正在尝试在ASP.Net网络应用中的上传文件上运行防病毒扫描。我们正在使用Sophos,因此可以访问他们的命令行API sav32cli 。在我使用的代码中:
I am trying to run an antivirus scan on an uploaded file in an ASP.Net web app. We are using Sophos so have access to their command line API sav32cli. In the code I use:
Process proc = new Process();
proc.StartInfo.FileName = @"C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sav32cli.exe";
proc.StartInfo.Arguments = @"-remove -nc " + SavedFile;
proc.StartInfo.Verb = "runas";
proc.Start();
proc.WaitForExit();
int exitCode = proc.ExitCode;
当单步执行代码时,附加到 w3wp 在开发服务器上进行处理,代码只是从一行跳转到另一行似乎什么都不做。当从开发服务器上的代码运行时,它执行预期的扫描文件并删除它是否被视为病毒。
When stepping through the code, when attached to the w3wp process on dev server, the code just jumps from one line to the next seemingly doing nothing at all. When running from code on dev server, it performs as expected scanning file and deleting if it is seen as a virus.
服务器运行IIS 8.0,并构建应用程序在.Net Framework 4.我已根据这些说明更改了机器配置,以允许进程作为SYSTEM帐户运行。 https://support.microsoft.com/en- us / kb / 317012#%2Fen-us%2Fkb%2F317012
The server is running IIS 8.0, and the app built in .Net Framework 4. I have changed the machine config to allow the process to run as SYSTEM account, in accordance to these instructions. https://support.microsoft.com/en-us/kb/317012#%2Fen-us%2Fkb%2F317012
<processModel userName="SYSTEM" password="AutoGenerate" />
我有什么遗漏?这种实现的最佳实践是什么?
Is there something I'm missing? What is the best practice for this kind of implementation?
编辑:调用时,进程返回 ExitCode 2(错误停止执行),而不是预期的0(扫描工作,没有病毒),或3(扫描工作,发现病毒)。
EDIT: When called, the Process returns an ExitCode of 2 (Error stopped execution), rather than the expected 0 (Scan worked, no viruses), or 3 (Scan worked, viruses found).
编辑2 :根据下面的评论,我将代码更改为:
EDIT 2: As per comment below I changed the code to:
Process proc = new Process();
proc.StartInfo.FileName = @"C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sav32cli.exe";
proc.StartInfo.Arguments = @"-remove -nc " + SavedFile;
proc.StartInfo.RedirectStandardOutput = true;
proc.StartInfo.UseShellExecute = false;
proc.Start();
StringBuilder output = new StringBuilder();
while (!proc.StandardOutput.EndOfStream)
{
string line = proc.StandardOutput.ReadLine();
output.AppendLine(line);
}
proc.WaitForExit();
int exitCode = proc.ExitCode;
ASPxMemo2.Text = exitCode.ToString() + Environment.NewLine + output.ToString();
输出在IIS上运行时始终为空,但从代码运行时填充正确。
output is always empty when run over IIS, but is populated correctly when running from code.
编辑3 :而不是查看 StandardOutput 我们查看 StandardError 并显示此错误:
EDIT 3: Instead of looking at StandardOutput we looked at StandardError and it revealed this error:
初始化错误检测引擎[0xa0040200]
(可能用户管理员权限不足。)
Error initialising detection engine [0xa0040200] (Possible insufficient user Admin rights.)
暂时我们将转移到另一种病毒检查方法,但是如果有人有这种方法,我仍然想知道一个可能的解决方案。
For the time being we are going to move to another method of virus checking, but would still like to know a possible solution if anyone has it.
推荐答案
你需要制作确保在IIS中运行.NET应用程序的应用程序池对您的文件具有执行权限
You will need to make sure that the application pool that is running your .NET application inside IIS has execute permissions to your file
C:\Program Files(x86)\ Sophos \ Sophos Anti-Virus \sav32cli.exe
"C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sav32cli.exe"
您可能还需要将此权限添加到文件夹位置上传要扫描的文件的位置(例如:c:\ temp)
You may also need to add this permission to the folder location where the file to be scanned is uploaded (c:\temp) for example
您可能还需要具有管理员权限才能运行防病毒扫描,因为IIS8没有以管理员身份运行。当你调试时,visual studio使用你当前登录的windows用户(除非你使用runas),这样就解释了为什么它在调试时会起作用。
You may also need to have administrator privileges to run the anti virus scan since IIS8 does not run as an administrator. When you are debugging visual studio uses your current logged in windows user(unless you use runas) so this will explain why it would work when debugging.
这篇关于ASP.Net服务器上的进程无法通过IIS正确运行的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
