 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / Visual Studio.NET / VS Tools for Office / July 2004Security problem.
Ok, I was getting a security error for a long time, i opened a support incident, got it working by adding this to my .net security: caspol -m -ag My_Computer_Zone -url file:///C:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll FullTrust -n "System.dll" -d "Allow XML Serialisation inside VSTO projects" That worked. I had blow away my machine. After building it back up and updating my .net security, I cannot get rid of the security error. Any help greatly appreciated. Rick. > Ok, I was getting a security error for a long time, i opened a support > incident, got it working by adding this to my .net security: [quoted text clipped - 6 lines] > That worked. I had blow away my machine. After building it back up and > updating my .net security, I cannot get rid of the security error. Hi, Are you sure it is due to the web services failing? Can you checkout the instructions under "Failing to Execute" at: http://weblogs.asp.net/ptorr/archive/2003/10/06/56250.aspx and post them? Then maybe try the suggestion in the linked newsgroup post: http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&selm=eHZ0VqSZDHA.736%40TK2MSF TNGP09.phx.gbl A full explanation of why this occurs is at: http://weblogs.asp.net/ptorr/archive/2003/11/22/56344.aspx Oh, are you running Whidbey beta at all? If so then you have to trust the Whidbey assemblies, not the Everett ones... Thanks, Peter  SignaturePeter Torr - http://weblogs.asp.net/ptorr/ This posting is provided "AS IS" with no warranties, and confers no rights Samples are subject to the terms specified at http://www.microsoft.com/info/cpyright.htm Hi Peter, Thanks for the links, I had seen those and read the previously, but I gave them another read to see if I was missing something. This is definitely the webservice call that is failing. I verifed this stepping through the code. What I am doing is calling the webservices exposed by the Microsoft CRM to generate some excel reports. The webservice call to CRM is failing. I am using VS 2003, not whidbey, yet. I have read your Blog before. The interesting thing, is that where you say the IDE has set up all the security for me, it really hasn't, or something is out of line as a result of something else. I am running in debug in the IDE and the security error is happening. All files are local at this time. Here is the results of caspol. Here is the results of -lg and -rsg respectively: Microsoft (R) .NET Framework CasPol 1.1.4322.573 Copyright (C) Microsoft Corporation 1998-2002. All rights reserved. Security is ON Execution checking is ON Policy change prompt is ON Level = Machine Code Groups: 1. All code: Nothing 1.1. Zone - MyComputer: FullTrust 1.1.1. StrongName - 002400000480000094000000060200000024000052534131000400000100010007D1FA57C4AE D9F0A32E84AA0FAEFD0DE9E8FD6AEC8F87FB03766C834C99921EB23BE79AD9D5DCC1DD9AD236 132102900B723CF980957FC4E177108FC607774F29E8320E92EA05ECE4E821C0A5EFE8F1645C 4C0C93C1AB99285D622CAA652C1DFAD63D745D6F2DE5F17E5EAF0FC4963D261C8A1243651820 6DC093344D5AD293: FullTrust 1.1.2. StrongName - 00000000000000000400000000000000: FullTrust 1.1.3. Url - file://C:/windows/assembly/gac/*: FullTrust 1.2. Zone - Intranet: LocalIntranet 1.2.1. All code: Same site Web. 1.2.2. All code: Same directory FileIO - Read, PathDiscovery 1.3. Zone - Internet: Internet 1.3.1. All code: Same site Web. 1.4. Zone - Untrusted: Nothing 1.5. Zone - Trusted: Internet 1.5.1. All code: Same site Web. 1.6. StrongName - 00240000048000009400000006020000002400005253413100040000010001002DB7FDCC2B91 B48A42A425406DC6B594D2BAEF4CE5C6B2D50A915D2F073292CC458BE778BA552F09F82AF41C 1CA8505FA79CDA8721A7AB92805580E6EE7B4D5BF5BBCF875EC99B5D283269B0CC69408A170F 2CBCF7AB8E160904F459A6E004AAE05A77FD651379FFF865DDAFDB0F4DB3206AF07C1EC9E931 B372374F7A0886A2: FullTrust 1.7. Url - http://localhost/*: FullTrust 1.8. Url - file://APPSERVER/*: FullTrust 1.9. Url - http://localhost/*: FullTrust Success caspol -rsg: Microsoft (R) .NET Framework CasPol 1.1.4322.573 Copyright (C) Microsoft Corporation 1998-2002. All rights reserved. Level = Enterprise Code Groups: 1. All code: FullTrust Level = Machine Code Groups: 1. All code: Nothing 1.1. Zone - MyComputer: FullTrust Level = User Code Groups: 1. All code: FullTrust 1.1. All code: Nothing 1.1.1. Url - file://C:/*: Execution Success > > Ok, I was getting a security error for a long time, i opened a support > > incident, got it working by adding this to my .net security: > > > > caspol -m -ag My_Computer_Zone -url file:///C:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll > > FullTrust -n "System.dll" -d "Allow XML Serialisation inside VSTO > > projects" [quoted text clipped - 11 lines] > > and post them? Then maybe try the suggestion in the linked newsgroup post: http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&selm=eHZ0VqSZDHA.736%40TK2MSF TNGP09.phx.gbl > A full explanation of why this occurs is at: > [quoted text clipped - 6 lines] > > Peter > Level = User > [quoted text clipped - 3 lines] > 1.1. All code: Nothing > 1.1.1. Url - file://C:/*: Execution Have a look at the User level of your security policy. It looks rather strange. As all three (four if we count AppDomain) levels are intersected, the User policy can only be used to further restrict permissions. There is a bug with assemblies generated at runtime, but I see from your previous post the MS has already given you the fix. Jens. Signaturehttp://ManagedXLL.net/ Replace MSDN with my first name when replying to my email address! > Hi Peter, > > Thanks for the links, I had seen those and read the previously, but I gave > them another read to see if I was missing something. You should try out the code to display all the loaded assemblies, too. > Level = User > [quoted text clipped - 3 lines] > 1.1. All code: Nothing > 1.1.1. Url - file://C:/*: Execution Herein lies the problem - you are only granted Execution permission (remember that permissions granted by "All Code" or "Zone" membership conditions are ignored by VSTO). If this is your main VSTO assembly, it needs to have FullTrust. If it is the web service assembly, it will need at least WebPermission to the URL of the web service. > I have read your Blog before. The interesting thing, is that where you say > the IDE has set up all the security for me, it really hasn't, or something > is out of line as a result of something else. VSTO only really sets up permissions for the main assembly; any assemblies that you reference need to be trusted manually. > 1.6. StrongName - > 00240000048000009400000006020000002400005253413100040000010001002DB7FDCC2B91 > B48A42A425406DC6B594D2BAEF4CE5C6B2D50A915D2F073292CC458BE778BA552F09F82AF41C > 1CA8505FA79CDA8721A7AB92805580E6EE7B4D5BF5BBCF875EC99B5D283269B0CC69408A170F > 2CBCF7AB8E160904F459A6E004AAE05A77FD651379FFF865DDAFDB0F4DB3206AF07C1EC9E931 > B372374F7A0886A2: FullTrust You should not add keys to the root of policy; you should add them under 'My Computer" or the Trusted / LocalIntranet zones. Otherwise, if a bad guy ever gets hold of some old signed-but-buggy code, it's game over. Even more so if you skip verification, waiting for IT to real-sign stuff for you. Peter SignaturePeter Torr - http://weblogs.asp.net/ptorr/ This posting is provided "AS IS" with no warranties, and confers no rights Samples are subject to the terms specified at http://www.microsoft.com/info/cpyright.htm Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.