Help needed with strong name web part

Philip Colmer · Jul 10, 2004

I'm trying to create a very simple web part that makes use of an external
DLL. The DLL tries to communicate with an external web site and I'm getting
a permissions exception when I try to add the web part to a SharePoint page.
From the research I've done, I think that this is because I've installed the
web part into the bin folder where the trust level is low and access to
external sites is not permitted.

I therefore want to rebuild the part with a strong name so that I can
install it into the GAC. Adding a strong name to my own code is
straight-forward enough but the Interop DLL that Visual Studio built for the
external DLL does not have a strong name and I can't figure out how to add
one.

So that is my problem. I'm using a DLL that I did not build. Visual Studio
has built an Interop DLL and I need to ensure that it is built with a strong
name.

Can someone please tell me what steps I need to take?

Thanks.

--Philip

[MSFT] · Jul 12, 2004

Hi Philip,

You can grant proper trust level on this assembly in ".NET configration
wizard". Additionally, you need to check the ASP.NET security also. The
external DLL will use the ASP .NET application's account to communicate
with external web site. This account may not have enough permission to do
this.

Luke

Philip Colmer · Jul 12, 2004

Hi Philip,

You can grant proper trust level on this assembly in ".NET configration
wizard". Additionally, you need to check the ASP.NET security also. The
external DLL will use the ASP .NET application's account to communicate
with external web site. This account may not have enough permission to do
this.

Are you suggesting, then, that I should leave my web part in /bin and not
try to install it in the GAC?

If that is your recommendation, then I'll go with that and change the trust
level. However, I thought that best practice was to strongly-name web parts,
which is where I was getting stuck. Not on my own web part, mind, but on the
Interop DLL that Visual Studio created.

--Philip

[MSFT] · Jul 13, 2004

Hi Philip,

Assemblies in GAC may not be full trust. I would like suggest to grant
trust for an assembly With .NET Configaration Wizard. You may refer to
following article:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/htm
l/cpconadministrationwithcodegroupattributes.asp

Luke

Philip Colmer · Jul 13, 2004

Hi Philip,

Assemblies in GAC may not be full trust. I would like suggest to grant
trust for an assembly With .NET Configaration Wizard. You may refer to
following article:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/htm
l/cpconadministrationwithcodegroupattributes.asp

Luke

Unless I am misunderstanding something, the .NET Configuration Wizard
controls assemblies in the GAC, yes? It does NOT alter the security
permissions for assemblies in the local /bin folder - correct?

If I have understood that correctly, then I am still stuck with my original
problem - how do I take the Interop DLL that Visual Studio 2003 has built
for me from a COM DLL and strongly name it so that I can install it into the
GAC? The MSDN documentation on installing an assembly into the GAC only
references strong-named assemblies:

http://msdn.microsoft.com/library/d...installingassemblyintoglobalassemblycache.asp

As I stated in my previous posting, it was my understanding that it is best
practice to strongly-name assemblies and it is THIS that I'm stuck on, not
altering the permissions applied to the assembly.

Regards

Philip

[MSFT] · Jul 14, 2004

Hi Philips,

You may open Administrator tools\microsoft .NET framework 1.1 wizard. In
the wizard, you can trust any .NET assembly even it wasn't in GAC.

Luke,

Philip Colmer · Jul 15, 2004

Hi Philips,

You may open Administrator tools\microsoft .NET framework 1.1 wizard. In
the wizard, you can trust any .NET assembly even it wasn't in GAC.

Using the wizard, I have granted full trust to both my web part DLL and the
Interop DLL. I'm still getting a
System.Security.Permissions.SecurityPermission exception. I have restarted
IIS after changing the trust level.

--Philip

[MSFT] · Jul 16, 2004

Hi Philip,

You may add SuppressUnmanagedCodeSecurity Attribute in your code to see if
it will help. Here is the socument for it:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/
frlrfsystemsecuritysuppressunmanagedcodesecurityattributeclasstopic.asp

Luke

[MSFT] · Jul 19, 2004

Hello Philip,

Does SuppressUnmanagedCodeSecurity Attribute work for the issue?

Luke

Philip Colmer · Jul 20, 2004

Hello Philip,

Does SuppressUnmanagedCodeSecurity Attribute work for the issue?

Unfortunately I cannot find a way of adding this to my code. I'm writing the
code in VB.Net and all of the examples of using this attribute are in C#.
I've tried lots of permutations but the compiler just rejects it. I guess
I'm getting the syntax wrong somewhere but, as I say, I can't find a VB
example of how to incorporate this.

--Philip

[MSFT] · Jul 21, 2004

Hi Philip,

I think there is no much difference between C# and VB.NET when using
SuppressUnmanagedCodeSecurity, you can just put below line above a method
or class in your VB .NET code:

<System.Security.SuppressUnmanagedCodeSecurity()>

For exmaple:

<System.Security.SuppressUnmanagedCodeSecurity()> Private Declare Function
QueryPerformanceFrequency Lib "kernel32" (ByRef PerformanceFrequency As
Long) As Boolean

Luke

Philip Colmer · Jul 21, 2004

Hi Philip,

I think there is no much difference between C# and VB.NET when using
SuppressUnmanagedCodeSecurity, you can just put below line above a method
or class in your VB .NET code:

<System.Security.SuppressUnmanagedCodeSecurity()>

For exmaple:

<System.Security.SuppressUnmanagedCodeSecurity()> Private Declare Function
QueryPerformanceFrequency Lib "kernel32" (ByRef PerformanceFrequency As
Long) As Boolean

Thank you for that clarification.

I have now implemented that but it hasn't worked. Just in case I've made a
mistake, here is the snippet of code:

<System.Security.SuppressUnmanagedCodeSecurity()> Private Function
GetChart() As String
Dim value As String

Try
Dim hm As New HighlandMedia.Stocks
value = hm.GetSmallChart("MSFT", "yr")
Catch ex As Exception
value = "<p>Exception: " + ex.Message + "</p>"
End Try

Return value
End Function

I continue to get the Exception text when the web part renders.

--Philip

[MSFT] · Jul 22, 2004

What is the exact exception you get ? Thanks.

Luke

Philip Colmer · Jul 22, 2004

What is the exact exception you get ? Thanks.

System.Security.Permissions.SecurityPermission.

--Philip

[MSFT] · Jul 23, 2004

Is the SharePoint run under a user account with local administrator
permission?

Luke

Philip Colmer · Jul 23, 2004

Is the SharePoint run under a user account with local administrator
permission?

Yes.

--Philip

[MSFT] · Jul 26, 2004

If you tested the externalDLL. in a Win Form application or an ASP.NET
application. Will it also generate the error?

Luke

Philip Colmer · Jul 26, 2004

If you tested the externalDLL. in a Win Form application or an ASP.NET
application. Will it also generate the error?

It works in an ASP.NET application.

--Philip

Wei-Dong XU [MSFT] · Jul 27, 2004

Hi Philip,

Could you be so kind to tell me whether you have configured the web.config
file to set this interop-dll as safe control?

If not, after you add the component into GAC, you will need to add one line
in the web.config of your SPS/WSS site as below:
<SafeControl Assembly="SingleSignon, Version=1.0.0.0, Culture=neutral,
PublicKeyToken=8d17a0a8981505ba"
Namespace="Microsoft.SharePoint.Portal.SSOSample" TypeName="*" />

Please specify the Full name of the interop-dll in the GAC and then give
the name space with all the type.

Please feel free to let me know if you have any question.

Best Regards,
Wei-Dong Xu
Microsoft Product Support Services
Get Secure! - www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.

Philip Colmer · Jul 28, 2004

Wei-Dong XU said:
Hi Philip,

Could you be so kind to tell me whether you have configured the web.config
file to set this interop-dll as safe control?

If not, after you add the component into GAC, you will need to add one line
in the web.config of your SPS/WSS site as below:
<SafeControl Assembly="SingleSignon, Version=1.0.0.0, Culture=neutral,
PublicKeyToken=8d17a0a8981505ba"
Namespace="Microsoft.SharePoint.Portal.SSOSample" TypeName="*" />

Please specify the Full name of the interop-dll in the GAC and then give
the name space with all the type.

I've tried adding this and, unless I've made a mistake in the line, it
hasn't solved the problem.

This is the entry I added:

<SafeControl Assembly="Interop.HighlandMedia"
Namespace="HighlandMedia" TypeName="*" Safe="True" />

There was already an entry for my own web part DLL:

<SafeControl Assembly="MyStock" Namespace="MyStock" TypeName="*"
Safe="True" />

I think I've got the namespace correct even though it is different from the
assembly name.

--Philip

Help Needed with VBA please help	0	Aug 27, 2021
My regex kung-fu is not strong =(	0	Apr 4, 2020
Select files based on text list of filenames(part of the name:date) with condition	0	May 4, 2022
CSS Grid in a nutshell (Part 1)	0	May 31, 2023
Help needed with code	5	Mar 7, 2021
Help needed with thank you message	5	Sep 11, 2021
Imap_ssl.search one letter name	0	Aug 23, 2022
Need Help with Repository Program (Beginner)	1	Jul 7, 2023

Help needed with strong name web part

Philip Colmer

[MSFT]

Philip Colmer

[MSFT]

Philip Colmer

[MSFT]

Philip Colmer

[MSFT]

[MSFT]

Philip Colmer

[MSFT]

Philip Colmer

[MSFT]

Philip Colmer

[MSFT]

Philip Colmer

[MSFT]

Philip Colmer

Wei-Dong XU [MSFT]

Philip Colmer

Ask a Question

Similar Threads

Members online

Forum statistics

Latest Threads