Windows Form Control Hosted in IE - Access to Workstation Resources?

Discussion in 'ASP .Net Web Controls' started by Joseph Geretz, Mar 11, 2008.

  1. I understand that the default access restrictions will not allow a Form
    Control hosted within IE to access workstation resources (i.e. Filesystem,
    Printers, etc.). Naturally, this makes sense.

    However, is there any way to alter permission settings to allow this? We are
    contemplating this sort of engineering for its unique combination of
    deployment advantages, coupled with the ability to engineer a rich Win32
    interface. We also like the browser embedded model since this will interface
    nicely with other areas of our application which host an embedded browser.
    The only limitaiton we need to overcome is the ability for our own code,
    loaded from our own application server, and running within the browser, to
    be able to access the filesystem (and other resources) of the local
    workstation upon which it will be running.

    If I recall correctly, this was possible with ActiveX documents running
    inside a browser (subject to permisisons of course). Will this be possible
    with the .NET form control hosted within the browser? If so, what needs to
    be configured on the workstation in order to allow this?

    Thanks for your advice!

    - Joseph Geretz -
     
    Joseph Geretz, Mar 11, 2008
    #1
    1. Advertising

  2. Joseph Geretz

    Joe Kaplan Guest

    Shawn Farkas from MS has in the past blogged fairly extensively about this
    kind of stuff. I think some of the articles are a little old at this point
    but still relevant. I'd start there. :)

    http://blogs.msdn.com/shawnfa/

    Joe K.
    --
    Joe Kaplan-MS MVP Directory Services Programming
    Co-author of "The .NET Developer's Guide to Directory Services Programming"
    http://www.directoryprogramming.net
    --
    "Joseph Geretz" <> wrote in message
    news:...
    >I understand that the default access restrictions will not allow a Form
    >Control hosted within IE to access workstation resources (i.e. Filesystem,
    >Printers, etc.). Naturally, this makes sense.
    >
    > However, is there any way to alter permission settings to allow this? We
    > are contemplating this sort of engineering for its unique combination of
    > deployment advantages, coupled with the ability to engineer a rich Win32
    > interface. We also like the browser embedded model since this will
    > interface nicely with other areas of our application which host an
    > embedded browser. The only limitaiton we need to overcome is the ability
    > for our own code, loaded from our own application server, and running
    > within the browser, to be able to access the filesystem (and other
    > resources) of the local workstation upon which it will be running.
    >
    > If I recall correctly, this was possible with ActiveX documents running
    > inside a browser (subject to permisisons of course). Will this be possible
    > with the .NET form control hosted within the browser? If so, what needs to
    > be configured on the workstation in order to allow this?
    >
    > Thanks for your advice!
    >
    > - Joseph Geretz -
    >
    >
     
    Joe Kaplan, Mar 12, 2008
    #2
    1. Advertising

  3. Thanks Joe,

    I used the info in this page:

    http://msdn.microsoft.com/msdnmag/issues/02/01/UserCtrl/

    Basically, I gave http://localhost/* full trust.

    I don't know why the author states that the following statements are
    necessary to bracket code statements which take advantage of grnated
    permissions.

    new FileIOPermission(PermissionState.Unrestricted).Assert();
    ....
    CodeAccessPermission.RevertAssert();

    I have found that these are not necessary. (I note that the article is from
    2002.)

    Thanks,

    - Joe Geretz -

    "Joe Kaplan" <> wrote in message
    news:...
    > Shawn Farkas from MS has in the past blogged fairly extensively about this
    > kind of stuff. I think some of the articles are a little old at this
    > point but still relevant. I'd start there. :)
    >
    > http://blogs.msdn.com/shawnfa/
    >
    > Joe K.
    > --
    > Joe Kaplan-MS MVP Directory Services Programming
    > Co-author of "The .NET Developer's Guide to Directory Services
    > Programming"
    > http://www.directoryprogramming.net
    > --
    > "Joseph Geretz" <> wrote in message
    > news:...
    >>I understand that the default access restrictions will not allow a Form
    >>Control hosted within IE to access workstation resources (i.e. Filesystem,
    >>Printers, etc.). Naturally, this makes sense.
    >>
    >> However, is there any way to alter permission settings to allow this? We
    >> are contemplating this sort of engineering for its unique combination of
    >> deployment advantages, coupled with the ability to engineer a rich Win32
    >> interface. We also like the browser embedded model since this will
    >> interface nicely with other areas of our application which host an
    >> embedded browser. The only limitaiton we need to overcome is the ability
    >> for our own code, loaded from our own application server, and running
    >> within the browser, to be able to access the filesystem (and other
    >> resources) of the local workstation upon which it will be running.
    >>
    >> If I recall correctly, this was possible with ActiveX documents running
    >> inside a browser (subject to permisisons of course). Will this be
    >> possible with the .NET form control hosted within the browser? If so,
    >> what needs to be configured on the workstation in order to allow this?
    >>
    >> Thanks for your advice!
    >>
    >> - Joseph Geretz -
    >>
    >>

    >
    >
     
    Joseph Geretz, Mar 12, 2008
    #3
  4. Follow up:

    Now that this is working properly, how do I make that one last modification
    so that the user doesn't need to explicitly click or hit spacebar or Enter
    in order to explicitly activate the control? Can this be loaded in a 'ready'
    state so the user can go right to work with this?

    Thanks!

    - Joseph Geretz -

    "Joseph Geretz" <> wrote in message
    news:%...
    > Thanks Joe,
    >
    > I used the info in this page:
    >
    > http://msdn.microsoft.com/msdnmag/issues/02/01/UserCtrl/
    >
    > Basically, I gave http://localhost/* full trust.
    >
    > I don't know why the author states that the following statements are
    > necessary to bracket code statements which take advantage of grnated
    > permissions.
    >
    > new FileIOPermission(PermissionState.Unrestricted).Assert();
    > ...
    > CodeAccessPermission.RevertAssert();
    >
    > I have found that these are not necessary. (I note that the article is
    > from 2002.)
    >
    > Thanks,
    >
    > - Joe Geretz -
    >
    > "Joe Kaplan" <> wrote in message
    > news:...
    >> Shawn Farkas from MS has in the past blogged fairly extensively about
    >> this kind of stuff. I think some of the articles are a little old at
    >> this point but still relevant. I'd start there. :)
    >>
    >> http://blogs.msdn.com/shawnfa/
    >>
    >> Joe K.
    >> --
    >> Joe Kaplan-MS MVP Directory Services Programming
    >> Co-author of "The .NET Developer's Guide to Directory Services
    >> Programming"
    >> http://www.directoryprogramming.net
    >> --
    >> "Joseph Geretz" <> wrote in message
    >> news:...
    >>>I understand that the default access restrictions will not allow a Form
    >>>Control hosted within IE to access workstation resources (i.e.
    >>>Filesystem, Printers, etc.). Naturally, this makes sense.
    >>>
    >>> However, is there any way to alter permission settings to allow this? We
    >>> are contemplating this sort of engineering for its unique combination of
    >>> deployment advantages, coupled with the ability to engineer a rich Win32
    >>> interface. We also like the browser embedded model since this will
    >>> interface nicely with other areas of our application which host an
    >>> embedded browser. The only limitaiton we need to overcome is the ability
    >>> for our own code, loaded from our own application server, and running
    >>> within the browser, to be able to access the filesystem (and other
    >>> resources) of the local workstation upon which it will be running.
    >>>
    >>> If I recall correctly, this was possible with ActiveX documents running
    >>> inside a browser (subject to permisisons of course). Will this be
    >>> possible with the .NET form control hosted within the browser? If so,
    >>> what needs to be configured on the workstation in order to allow this?
    >>>
    >>> Thanks for your advice!
    >>>
    >>> - Joseph Geretz -
    >>>
    >>>

    >>
    >>

    >
    >
     
    Joseph Geretz, Mar 12, 2008
    #4
  5. Joseph Geretz

    Joe Kaplan Guest

    I think it depends on the way you configure the membership conditions. If
    you use a strong name membership condition, then you'll need to assert
    permissions as the app domain that IE itself loads the control in won't have
    that particular condition apply to it. With the URL membership condition,
    it will. You typically don't want to use extremely broad-based membership
    conditions if you can avoid it as they open up security risks.

    I can't answer your other question about having to hit the space bar. I
    think that is a feature. :)

    Joe K.
    --
    Joe Kaplan-MS MVP Directory Services Programming
    Co-author of "The .NET Developer's Guide to Directory Services Programming"
    http://www.directoryprogramming.net
    --
    "Joseph Geretz" <> wrote in message
    news:%...
    > Thanks Joe,
    >
    > I used the info in this page:
    >
    > http://msdn.microsoft.com/msdnmag/issues/02/01/UserCtrl/
    >
    > Basically, I gave http://localhost/* full trust.
    >
    > I don't know why the author states that the following statements are
    > necessary to bracket code statements which take advantage of grnated
    > permissions.
    >
    > new FileIOPermission(PermissionState.Unrestricted).Assert();
    > ...
    > CodeAccessPermission.RevertAssert();
    >
    > I have found that these are not necessary. (I note that the article is
    > from 2002.)
    >
    > Thanks,
    >
    > - Joe Geretz -
    >
    > "Joe Kaplan" <> wrote in message
    > news:...
    >> Shawn Farkas from MS has in the past blogged fairly extensively about
    >> this kind of stuff. I think some of the articles are a little old at
    >> this point but still relevant. I'd start there. :)
    >>
    >> http://blogs.msdn.com/shawnfa/
    >>
    >> Joe K.
    >> --
    >> Joe Kaplan-MS MVP Directory Services Programming
    >> Co-author of "The .NET Developer's Guide to Directory Services
    >> Programming"
    >> http://www.directoryprogramming.net
    >> --
    >> "Joseph Geretz" <> wrote in message
    >> news:...
    >>>I understand that the default access restrictions will not allow a Form
    >>>Control hosted within IE to access workstation resources (i.e.
    >>>Filesystem, Printers, etc.). Naturally, this makes sense.
    >>>
    >>> However, is there any way to alter permission settings to allow this? We
    >>> are contemplating this sort of engineering for its unique combination of
    >>> deployment advantages, coupled with the ability to engineer a rich Win32
    >>> interface. We also like the browser embedded model since this will
    >>> interface nicely with other areas of our application which host an
    >>> embedded browser. The only limitaiton we need to overcome is the ability
    >>> for our own code, loaded from our own application server, and running
    >>> within the browser, to be able to access the filesystem (and other
    >>> resources) of the local workstation upon which it will be running.
    >>>
    >>> If I recall correctly, this was possible with ActiveX documents running
    >>> inside a browser (subject to permisisons of course). Will this be
    >>> possible with the .NET form control hosted within the browser? If so,
    >>> what needs to be configured on the workstation in order to allow this?
    >>>
    >>> Thanks for your advice!
    >>>
    >>> - Joseph Geretz -
    >>>
    >>>

    >>
    >>

    >
    >
     
    Joe Kaplan, Mar 12, 2008
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Günther Rühmann
    Replies:
    1
    Views:
    1,396
    Günther Rühmann
    Jan 31, 2004
  2. =?Utf-8?B?ZXN3YW5zb24=?=

    asp.net 2.0 on a windows xp workstation

    =?Utf-8?B?ZXN3YW5zb24=?=, Jul 11, 2006, in forum: ASP .Net
    Replies:
    4
    Views:
    476
    Walter Wang [MSFT]
    Jul 14, 2006
  3. Wells Caughey
    Replies:
    1
    Views:
    196
    Wells Caughey
    Aug 4, 2004
  4. Joseph Geretz
    Replies:
    4
    Views:
    174
    Joe Kaplan
    Mar 12, 2008
  5. JVRudnick
    Replies:
    2
    Views:
    115
    rob^_^
    Feb 29, 2008
Loading...

Share This Page