Security Permissions with embedded Winforms App

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I've got a .net 2.0 winforms app that is embedded in an IE page. When I try
to move this to a Windows server 2003 machine with IIS 6 I get a security
exception:

System.IO.FileLoadException: Could not load file or assembly xxxxxxx.Common,
Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' or one of its
dependencies. Failed to grant minimum permission requests. (Exception from
HRESULT: 0x80131417)

I've seen this out there in the forums, but I've got a machine policy that
gives fulltrust to all code from the location it gets the DLL from. If I use
the Framework 2.0 Configuration utility to evaluate the assembly it says that
it is "unrestricted".

There might be some classes in the xxxxx.Common dll that have unsafe code.
Could that have something to do with it? I have no declarative security
attributes. THis is configured so that the code would be downloaded into the
download cache and executed from there. Any ideas?

Thanks.
 
Hi,

Thank you for posting.

Could you tell me what assemblies does the xxx.Common dll has refered to?

You may have a try adding the website's the URL to the trusted sites list.

To do this, open the Control Panel and double-click the Internet Options
item in it. In the Internet Properties window, select Security tab and then
Trusted sites item in the tab. Click the Sites button and input the
website's URL in the dialog.

Hope this helps.


Sincerely,
Linda Liu
Microsoft Online Community Support

==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================

This posting is provided "AS IS" with no warranties, and confers no rights.
 
xxx.Common references:

System
System.configuration
System.Data
System.Drawing
System.Runtime.Remoting
System.xml
Microsoft.VisualBasic

Log4net (Opensource logging system)
Spring.AOP(Opensource framework system)
Spring.Core
Spring.services

(Imaging Libraries)
Atalasoft.dotImage
Atalasoft.dotImage.Lib
Atalasoft.Shared

If you are talking about the trusted sites list on my client PC, then it is
already in that zone. I have also modified the .net security policy on the
client PC to allow fulltrust to all code coming from the webserver that is
hosting the page with the embedded dlls.

This configuration all worked fine using my local PC as the webserver (Win
xp with IIS 5.1) but fails to work when moved to Win Server 2003 with IIS 6.0.
 
Hi Jeremy,

Thanks for your update.

I notice that xxx.Common refers to some third party assemblies, such as
Log4net, Spring.AOP, Spring.Core and so on.

Have you added those third party assemblies xxx.Common refers to in the GAC
on your client PC? If not, I think you may have a try adding these
assemlies in the GAC on your client PC.

Hope this helps.


Sincerely,
Linda Liu
Microsoft Online Community Support
 
Back
Top