ASP.NET 2.0 and Partial Trust with VSTO

[Ken Cox [Microsoft MVP]]

Hi folks,

I need some help with an ASP.NET 2.0 page that generates the following error
when it calls a VSTO runtime DLL:

System.Security.SecurityException: That assembly does not allow partially
trusted callers.

My understanding was that for my partial-trust Web application to call a
VSTO strong-named assembly, the assembly needs to be in the GAC. That is,
the GAC grants Full Trust by default.

My ISP (ServerIntellect) kindly installed the VSTO runtimes in the GAC, but
still no luck - same error when I run the code.

What needs to be done in this case? Does the VSTO assembly need to be marked
with the 'allow partially trusted callers' (APTCA) even when in the GAC?

I've put in some repro code below.

Thanks!

Ken
Microsoft MVP [ASP.NET]
(e-mail address removed)

<%@ Page Language="VB" %>
<%@ Import Namespace="System.Configuration" %>
<%@ Import Namespace="System.Web.Configuration" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Data.Common" %>
<%@ Import Namespace="System.Data.OleDb" %>
<%@ Import Namespace="System.IO" %>
<%@ Import Namespace="Microsoft.VisualStudio.Tools.Applications.Runtime" %>

<script runat="server">
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs)
Dim template() As Byte
Dim sd As
Microsoft.VisualStudio.Tools.Applications.Runtime.ServerDocument
Response.Write(Environment.UserName)
sd = New
Microsoft.VisualStudio.Tools.Applications.Runtime.ServerDocument(template,
".DOC")
End Sub
</script>

 

[bruce barker \(sqlwork.com\)]

VSTO call unmanged code so its not trusted. installng it in the gac does not
make it trusted. as you proably do not have the source code to change the
attributes you need to write a trusted wrapper around it andf install this
in the gac. this is a really bad idea for your ISP, as VSTO can crash
asp.net if not called correctly.

-- bruce (sqlwork.com)

 

[Ken Cox [Microsoft MVP]]

Hmmm. Strange.

The ServerDocument object isn't supposed to require Word or Excel so where
would it use unmanaged code?

The bits I'm using constitute a technology that was *designed* for server
use. If you're right, somebody really screwed up here.

VSTO call unmanged code so its not trusted. installng it in the gac does
not make it trusted. as you proably do not have the source code to change
the attributes you need to write a trusted wrapper around it andf install
this in the gac. this is a really bad idea for your ISP, as VSTO can crash
asp.net if not called correctly.

-- bruce (sqlwork.com)

Hi folks,

I need some help with an ASP.NET 2.0 page that generates the following
error when it calls a VSTO runtime DLL:

System.Security.SecurityException: That assembly does not allow partially
trusted callers.

My understanding was that for my partial-trust Web application to call a
VSTO strong-named assembly, the assembly needs to be in the GAC. That is,
the GAC grants Full Trust by default.

My ISP (ServerIntellect) kindly installed the VSTO runtimes in the GAC,
but still no luck - same error when I run the code.

What needs to be done in this case? Does the VSTO assembly need to be
marked with the 'allow partially trusted callers' (APTCA) even when in
the GAC?

I've put in some repro code below.

Thanks!

Ken
Microsoft MVP [ASP.NET]
(e-mail address removed)

<%@ Page Language="VB" %>
<%@ Import Namespace="System.Configuration" %>
<%@ Import Namespace="System.Web.Configuration" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Data.Common" %>
<%@ Import Namespace="System.Data.OleDb" %>
<%@ Import Namespace="System.IO" %>
<%@ Import Namespace="Microsoft.VisualStudio.Tools.Applications.Runtime"
%>

<script runat="server">
Protected Sub Page_Load(ByVal sender As Object, ByVal e As
System.EventArgs)
Dim template() As Byte
Dim sd As
Microsoft.VisualStudio.Tools.Applications.Runtime.ServerDocument
Response.Write(Environment.UserName)
sd = New
Microsoft.VisualStudio.Tools.Applications.Runtime.ServerDocument(template,
".DOC")
End Sub
</script>

 

[Steven Cheng[MSFT]]

Hello Ken,

As for the CAS exception you encountered, my understanding is that the VSTO
assembly(or maybe another intermediate assemby which calls VSTO assembly)
is demanding the caller to have FullTrust permission. I haven't performed
deep investigation into VSTO , but looking from the CAS perspective, if it
is some certain assembly in the calling path(from your asp.net code to VSTO
runtime assembly) that demand fullTrust permission, simply adding the VSTO
assembly into GAC will not work. Because your ASP.NET application is still
a partial trusted runtime host and if the demand is performed from the
GACed assembly to your ASP.NET application, it will still fails.

I think Bruce's suggestion is reasonable. You can create a wrapper class
which call those VSTO components and this wrapper class is compiled into a
separate assembly(wrapper assembly), strong name it and install this
wrapper assembly into GAC. Thus, when any linkedDemand(for FullTrust)
performed from the callee assembly of the wrapper assembly, it will get
satisfied. Also, apply the "AllowPartiallyTrustedCallersAttribute" for the
wrapper assembly so that your ASP.NET(partial trusted) host can call it
correctly.

Hope this helps.

Regards,

Steven Cheng
Microsoft MSDN Online Support Lead


==================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

==================================================


This posting is provided "AS IS" with no warranties, and confers no rights.



Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

 

[Steven Cheng[MSFT]]

Hi Ken,

I just forgot the step that you'll also need to assert the certain CAS
permission in your wrapper assembly's code so that the demand won't go
upper to any further caller assemblies. You can refer to the "Wrapping
Privileged Code" section in the following msdn article:

http://msdn.microsoft.com/library/en-us/dnpag2/html/paght000017.asp?frame=tr
ue#paght000017_wrappingprivilegedcode

Thanks & Regards,

Steven Cheng
Microsoft MSDN Online Support Lead


==================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

==================================================


This posting is provided "AS IS" with no warranties, and confers no rights.



Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

 

[Ken Cox [Microsoft MVP]]

Hi Steven,

Thanks for your response.

The problem is that the Web site in question is hosted by an ISP. I don't
have control over what goes into the GAC, and I can't imagine that the ISP
wants to start putting client components into the GAC. They agreed to
install VSTO because it is a Microsoft-supported technology.

Am I right in concluding that VSTO is not really designed for Internet
applications where the site owner doesn't control the Web server?

Thanks,

Ken
Microsoft MVP [ASP.NET]

 

[Steven Cheng[MSFT]]

Hi Ken,

Yes, and this is true for any other components which will demand FullTrust
callers or host environment. In .net framework 2.0, the "PermCalc.exe" tool
can be used to evaluate the CAS permission set required of a certain
assembly:

#Permission Calculator Tool (Permcalc.exe)
http://msdn2.microsoft.com/en-us/library/ms165077.aspx

Regards,

Steven Cheng
Microsoft MSDN Online Support Lead


==================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

==================================================


This posting is provided "AS IS" with no warranties, and confers no rights.



Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)