Security Exception when creating object

J

Jeff

Hi,

I am deploying my web application to a new host site and am having
problems setting up the email. The site does not support ASP.NET
user.

There is an .asp file that works correctly with the following code:

set smtp = Server.CreateObject("Bamboo.SMTP")

I am trying to migrate this to the vb code behind (aspx). Since the
set statement is not supported, I tried the following code

Dim smtp as object
smtp = Server.CreateObject("Bamboo.SMTP")

This caused a security exception (The application attempted to perform
an operation not allowed by the security policy. To grant this
application the required permission please contact your system
administrator or change the application's trust level in the
configuration file.)

I modified the web.config with:

<trust level="Medium" />

but the site administrator has locked access to this section using
<location allowOverride="false"> from an inherited configuration file.
I also tried <identity impersonate="true"/> with same results.

I then tried
Dim smtpType = Type.GetTypeFromProgID("Bamboo.SMTP")

but this gets a security exception too.

I have considered leaving the functionality in the asp file, but would
rather not.

Is there a solution to this?

Thanks for any help!

Jeff
 
J

Javier Miranda

Jeff,

I don’t know your host provider. I will assume some facts

Your host company responsibly locks your application so your code doesn’t execute anything harmful. Probably they implement the Least Privilege Principle and you should contact them to get authorization. If you can instantiate the object from ASP I think it will be OK for them to let you perform the same from ASP.NET

First, you will be required to sign your assembly (give it a strong name). Then they will apply .NET configuration policy to your assembly to let it call what you require and nothing else. You will be dealing with what is called Code Access Security

That’s good. It means that your host provider is securing web applications on a shared web server. It could also mean that other developers can’t access your code or data; neither vice versa

A possible solution could be to share state between ASP and ASP.NET so you can instantiate the object in ASP and then access it from ASP.NET. For more info see “Sharing ASP State with ASP.NET by: David Gerdingâ€

Hope it helps

-Javier M
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Security Exception 0
Security Exception 0
Security Exception when Deploying to IIS 0
Security Exception when accessing the registry 2
Security Exception - Accessing remote folders & files 0
Security Exception Error from Premade Template 1
Security Exception 5
EventLogTraceListener Security Exception 0

Members online

No members online now.
Total: 32 (members: 1, guests: 31)
Robots: 222

Forum statistics

Threads
473,764
Messages
2,569,567
Members
45,041
Latest member
RomeoFarnh

Latest Threads

Top