Can't configure security for client side control

Discussion in 'ASP .Net' started by 0to60, Oct 5, 2004.

  1. 0to60

    0to60 Guest

    I've created a Windows.Forms control and placed it on an aspx page with the
    <object> tag and verified that it works nicely. But, when I add
    functionality to it (specifically, stuff from system.net.sockets) I get a
    security policy violation. I've followed the instructions given at
    http://msdn.microsoft.com/msdnmag/issues/02/01/UserCtrl/default.aspx, but I
    can't get it to work at all. I add a permission set, add a code group,
    point it at my assembly via the strong name, etc... It works fine in a
    standalone app, but I can't get past security when the control is on a web
    page. Any suggestions?
     
    0to60, Oct 5, 2004
    #1

  2. Are you sure the code is executing in the group you specified? Under what
    node in the code groups tree did you create the new group? What condition
    type did you choose? I have done the exact thing you are trying but instead
    of using StrongName, I used url which worked.

    More than likely the code is not executing in the group you think.

    "0to60" wrote:

    > I've created a Windows.Forms control and placed it on an aspx page with the
    > <object> tag and verified that it works nicely. But, when I add
    > functionality to it (specifically, stuff from system.net.sockets) I get a
    > security policy violation. I've followed the instructions given at
    > http://msdn.microsoft.com/msdnmag/issues/02/01/UserCtrl/default.aspx, but I
    > can't get it to work at all. I add a permission set, add a code group,
    > point it at my assembly via the strong name, etc... It works fine in a
    > standalone app, but I can't get past security when the control is on a web
    > page. Any suggestions?
    >
    >
    >
     
    tom wisnowski, Oct 5, 2004
    #2

  3. 0to60

    0to60 Guest

    "tom wisnowski" <> wrote in message
    news:...
    > Are you sure the code is executing in the group you specified? Under what
    > node in the code groups tree did you create the new group? What condition
    > type did you choose? I have done the exact thing you are trying but instead
    > of using StrongName, I used url which worked.
    >
    > More than likely the code is not executing in the group you think.


    I created the code group under Machine->IntranetZone. Does that make a
    difference? How exactly do I say which zone my code will apply to? I
    thought that was all controlled by the membership specifics for that code
    group, i.e. if it has a strong name of such and such, it will be run under
    this code group. Is that not so?

    Furthermore, when I ran the Evaluate an Assembly util on my assembly, it
    came back "unrestricted access". That kinda makes sense, because if I
    created an assembly for a standalone .exe, it would be able to pretty much
    do anything. If I look at it that way, it SHOULD be unrestricted. But on a
    web page, it SHOULD have more security. How can I see the difference?
     
    0to60, Oct 5, 2004
    #3
  4. Try something like this to look at the evidence the assembly is executing with:


    using System.Collections;
    using System.Reflection;
    using System.Security.Policy;

    public void GetEvidence()
    {
        IEnumerator enumerator =
            Assembly.GetExecutingAssembly().Evidence.GetEnumerator();
        while (enumerator.MoveNext())
        {
            object o = enumerator.Current;
            // try cast to type of evidence object...
            switch (o.GetType().Name)
            {
                case "Zone":
                    // Code groups are not evidence objects; the zone is the
                    // evidence that the top-level zone groups match on.
                    Zone z = (Zone)o;
                    //z.SecurityZone;
                    break;
                case "Site":
                    Site s = (Site)o;
                    //s.Name;
                    break;
                case "Url":
                    Url u = (Url)o;
                    //u.Value;
                    break;
                //etc.....
            }
        }
    }

    You could call a function to return the group names that you could call from
    javascript, then write the names on the client UI for debugging purposes.
    (You could also use Debug.WriteLine and use Dbmon or DebugView on the client
    as well).

    Hope this helps!

    "tom wisnowski" wrote:

    > Are you sure the code is executing in the group you specified? Under what
    > node in the code groups tree did you create the new group? What condition
    > type did you choose? I have done the exact thing you are trying but instead
    > of using StrongName, I used url which worked.
    >
    > More than likely the code is not executing in the group you think.
    >
    > "0to60" wrote:
    >
    > > I've created a Windows.Forms control and placed it on an aspx page with the
    > > <object> tag and verified that it works nicely. But, when I add
    > > functionality to it (specifically, stuff from system.net.sockets) I get a
    > > security policy violation. I've followed the instructions given at
    > > http://msdn.microsoft.com/msdnmag/issues/02/01/UserCtrl/default.aspx, but I
    > > can't get it to work at all. I add a permission set, add a code group,
    > > point it at my assembly via the strong name, etc... It works fine in a
    > > standalone app, but I can't get past security when the control is on a web
    > > page. Any suggestions?
    > >
    > >
    > >
     
    tom wisnowski, Oct 5, 2004
    #4
  5. That is partly true, it does resolve group membership via evidence. The
    system first resolves the top level group membership, i.e. internet, intranet,
    etc. Once inside a group it looks at the sub groups at that level and their
    membership conditions. The system will execute the code in the group that has
    a condition that matches the assembly's evidence. This process of searching
    for group membership is recursively repeated until the assembly does not
    qualify for any sub group at a particular level. Once this condition is met,
    the code executes in the group at the current search level.



    "0to60" wrote:

    > "tom wisnowski" <> wrote in message
    > news:...
    > > Are you sure the code is executing in the group you specified? Under what
    > > node in the code groups tree did you create the new group? What condition
    > > type did you choose? I have done the exact thing you are trying but instead
    > > of using StrongName, I used url which worked.
    > >
    > > More than likely the code is not executing in the group you think.
    >
    > I created the code group under Machine->IntranetZone. Does that make a
    > difference? How exactly do I say which zone my code will apply to? I
    > thought that was all controlled by the membership specifics for that code
    > group, i.e. if it has a strong name of such and such, it will be run under
    > this code group. Is that not so?
    >
    > Furthermore, when I ran the Evaluate an Assembly util on my assembly, it
    > came back "unrestricted access". That kinda makes sense, because if I
    > created an assembly for a standalone .exe, it would be able to pretty much
    > do anything. If I look at it that way, it SHOULD be unrestricted. But on a
    > web page, it SHOULD have more security. How can I see the difference?
    >
    >
    >
     
    tom wisnowski, Oct 5, 2004
    #5
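
Added example (not part of the thread and not any poster's code): a console diagnostic for the question raised in posts #3 and #5. For each policy level it lists the code groups whose membership conditions match an assembly's evidence, once as loaded from disk and once with evidence built from the page URL. It assumes the .NET Framework 1.x/2.0 CAS policy APIs and a fully trusted run on the client machine; `CasPolicyProbe` is a hypothetical name and both arguments are yours to supply.

```csharp
using System;
using System.Collections;
using System.Reflection;
using System.Security;
using System.Security.Policy;

// Added example; CasPolicyProbe is a hypothetical name, not a framework tool.
class CasPolicyProbe
{
    // args[0]: path to the control's DLL; args[1]: URL the page loads it from.
    static int Main(string[] args)
    {
        if (args.Length != 2) { Console.Error.WriteLine("usage: CasPolicyProbe <dll> <url>"); return 1; }
        Assembly asm = Assembly.LoadFrom(args[0]);
        // Local load: Zone is MyComputer and Url is file://..., so local policy applies.
        Report("Loaded from disk", asm.Evidence);

        // Constructed evidence approximating the download case: keep the
        // StrongName, derive Zone/Url/Site from the URL as the runtime maps it.
        Evidence hosted = new Evidence();
        foreach (object o in asm.Evidence)
            if (o is StrongName) hosted.AddHost(o);
        Zone zone = Zone.CreateFromUrl(args[1]);
        Console.WriteLine("Zone for URL: " + zone.SecurityZone);
        hosted.AddHost(zone);
        hosted.AddHost(new Url(args[1]));
        hosted.AddHost(Site.CreateFromUrl(args[1]));
        Report("Loaded from " + args[1], hosted);
        return 0;
    }

    static void Report(string title, Evidence evidence)
    {
        Console.WriteLine("== " + title + " ==");
        IEnumerator levels = SecurityManager.PolicyHierarchy();
        while (levels.MoveNext())
        {
            PolicyLevel level = (PolicyLevel)levels.Current;   // Enterprise, Machine, User
            Console.WriteLine("[" + level.Label + "]");
            PrintMatches(level.ResolveMatchingCodeGroups(evidence), 1);
        }
        Console.WriteLine("Unrestricted grant: " +
            SecurityManager.ResolvePolicy(evidence).IsUnrestricted());
    }

    // Walks the tree of code groups whose membership conditions matched.
    static void PrintMatches(CodeGroup group, int depth)
    {
        if (group == null) return;
        Console.WriteLine(new string(' ', depth * 2) + group.Name + " -> " + group.PermissionSetName);
        foreach (CodeGroup child in group.Children)
            PrintMatches(child, depth + 1);
    }
}
```

Compare the two listings: a custom group shows up in the second one only if its parent group's membership condition also matches the URL-derived evidence, which is what the "Zone for URL" line lets you check.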