Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / .NET Framework / CLR / September 2003

Tip: Looking for answers? Try searching our database.

Remoting Security Restrictions between v1.0 and v1.1

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Christopher Pragash - 02 Sep 2003 19:41 GMT
Hello All,

I'm facing a serious development issue here concerned with .NET Remoting. I
developed a .NET Remoting Service (Server Activated) under .NET Framework
version 1.0. I test it by hosting the remoting component under a console
application and it worked fine. Then I had to deploy my remoting service and
the component under a windows 2003 box which we are using as a developmet
test box. And I started getting the "Because of Secrurity Restrictions, the
ObjRef cannot be accessed" . I read about the "Secure Serialization" in .NET
and made a change to the config file to reflect the "typeFilterLevel=Full".
My client assemblies are still in Version 1.0. and when I try to make a
remote call passing an object, I get the same errors. Any suggestions would
be of real great help.

Thanks so much in advance.

regards,
Chris
Reply to this Message
Ivan Medvedev [MS] - 02 Sep 2003 23:27 GMT
Christopher -
I am sorry, I don't know much about remoting itself, but I will try to throw
a couple of random ideas at you in case you find them useful.
- Are any of your managed components accessed on a network share or a mapped
drive? If so you may want to try to move them to a local drive;
- Do you have managed assemblies that are strongly named, but do not have
AllowPartiallyTrustedCallersAttribute on them? If so you may want to try and
put that attribute on them;
- Does the class that you are trying to access have a LinkDemand on it? If
it has a LinkDemand for an identity permission that its caller does not have
that may be the reason (you can use permview.exe to see declarative
security);
You can also run "caspol -rsp <assembly_url>" to see what permissions are
granted to what assembly, may be that will help some.
--Ivan
This posting is provided "AS IS" with no warranties, and confers no rights.
http://blogs.gotdotnet.com/ivanmed

> Hello All,
>
[quoted text clipped - 14 lines]
> regards,
> Chris
Reply to this Message
Conrad Zhang - 03 Sep 2003 08:17 GMT
Chris,

This is the breaking change and workaround for remoting security exception:

http://www.gotdotnet.com/team/changeinfo/Backwards1.0to1.1/default.aspx#00000153

> Hello All,
>
[quoted text clipped - 14 lines]
> regards,
> Chris
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.