Creating a Wrapper

[Stephen]

Hi
I am currently developing a web application that has a third party
component on it. The third party component is a graph component from
Xceed that uses a number of dlls. The problems occur when we attempt
to deploy the application and the third party component causes a
security exception.

Description: The application attempted to perform an operation not
allowed by the security policy. To grant this application the required
permission please contact your system administrator or change the
application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Security error.

When I asked our web hosts about this, i was told the following:

Our senior engineers have advised that you need a wrapper for this
assembly. The wrapper assembly should be strong-named, with the APTCA
setting set.
This wrapper assembly will then need to be added to the GAC.
Once this is done, you should be able to use the component from an
assembly without the calling assembly requiring full trust.

I am very new to this and I have no idea what they are talking about.
If someone could please explain to me what they want me to do, it
would be greatly appreciated.
Thank you very much
Stephen van Rees

 

[Dan Bass]

Stephen,

Our senior engineers have advised that you need a wrapper for this
assembly.

A wrapper is simply another layer or link in the calling chain. In this
case, they're asking that you create a class library, that has the sole
responsibility of calling your third party software. So if there's a method
on this software saying CreateGrapth (...), then you should create a method
called GrapthCreate(...) (or anything similar), that calls the third part
CreateGraph with the parameters it is passed.

The wrapper assembly should be strong-named, with the
APTCA setting set.

Now we're finding out why they suggest the wrapper. APTCA simply means
AllowPartiallyTrustedCallersAttribute. Read up to find out more...
googled:
http://www.google.co.uk/search?hl=en&safe=off&q=AllowPartiallyTrustedCallersAttribute&meta=
MSDN:
http://msdn.microsoft.com/library/d...artiallyTrustedCallersAttributeClassTopic.asp
[beware of line wraps]

This wrapper assembly will then need to be added to the GAC.

The GAC is the Global Assembly Cache. This is a cache held by the .Net
framework that simply means the object is registered at some location, and
then any .Net application can create and use objects that exist with in it
without knowing the location. Again more reading on your part would be a
good idea.
http://www.codeproject.com/dotnet/DemystifyGAC.asp
googled:
http://www.google.co.uk/search?sour...2004-35,GGLD:en&q=site:msdn.microsoft.com+GAC
[beware of line wraps]

Once this is done, you should be able to use the component from an
assembly without the calling assembly requiring full trust.

There basic logic is that this wrapper will allow callers who aren't
entirely trusted to call it (ie, your stuff), but that this wrapper will be
fully trusted by the 3rd party software. Think of it as creating a
mediator...

Let me know if you need anymore help.

Dan.

 

[svanrees]

Hi Dan,
Thank you very much for your help. I think I understand most of this
now. My only remaining query relates to writing the wrapper.
As this component is currently placed on the form at design time, do I
have to generate and position it on the form at run time using my
wrapper class?
And finally, is this a common problem with all third party components
and web hosts, it seems a bit strange that I have to go to such lengths
to use
a commerical product?
Thank you once again
Stephen

 

[Dan Bass]

Stephen,

It does seem a little strange I must admit. The other thing I would try is
going back to the supplier of the application to see if they've heard of
this problem before.
Have you seen this? http://www.xceedsoft.com/support/FAQ.asp?Pid=676&Gen=0

In terms of writing the wrapper, the fact it's a control means that in the
initial step of creating the project, you should create a "Web Control
Library".
From here add a reference to the Xceed package, and finally change the class
to inherit from the control, rather than from
System.Web.UI.WebControls.WebControl...
After this, you simply need to make the wrapper strong named so it can be
loaded into the GAC (google on strong named and GAC), then change the APTCA
setting to see if this works.
This should then allow you to drop the wrapper on the dialog you want...

Remember this is doing only what the engineers at your provider have said to
do, so you may need to speak to the relevant people to get this all working.

 

[svanrees]

Alright, I will give all that a go
Thanks very much for all your help!
Stephen