Z
Zia
I have written a .NET WindowsForm control which is
deployed on the server and runs on the client machines in
the IE browser. All the control is doing is fetching data
from the server and displaying it to the user. The
control works fine but everytime it pops up a windows
form, a .Net security warning message is displayed..
"The application is running in a partially trusted
context. Some functionlity in the application may be
disabled due to security restrictions."
The control is trying to display a windows form so that
the user can change some cosmetic options for the
control.
I understand that IE always runs under partially trusted
context by default and this is why we see the warnings.
The .Net configuration tool (v1.1) displays the trust
levels for assemblies for all the zones. It seems that
the default value for the internet zone is low (2 in the
4 levels). If I increase the trust level here to medium
(3 in 4 levels), the security warnings are gone.
Here are my questions:
1) Is there a way to get rid of these warnings?
2) I read on the net that by digitally signing the
control with the authenticode certificate from Verisign
would solve this problem. Is this true? Does signing a
control make it run under higher trust level than the
controls that are not signed?
3) Is there any way I can provide the user with an option
when they download the control to actually trust the
control and then programmatically make the control run as
fully trusted instead partially trusted?
Any help is appreciated!
Thanks,
zia
deployed on the server and runs on the client machines in
the IE browser. All the control is doing is fetching data
from the server and displaying it to the user. The
control works fine but everytime it pops up a windows
form, a .Net security warning message is displayed..
"The application is running in a partially trusted
context. Some functionlity in the application may be
disabled due to security restrictions."
The control is trying to display a windows form so that
the user can change some cosmetic options for the
control.
I understand that IE always runs under partially trusted
context by default and this is why we see the warnings.
The .Net configuration tool (v1.1) displays the trust
levels for assemblies for all the zones. It seems that
the default value for the internet zone is low (2 in the
4 levels). If I increase the trust level here to medium
(3 in 4 levels), the security warnings are gone.
Here are my questions:
1) Is there a way to get rid of these warnings?
2) I read on the net that by digitally signing the
control with the authenticode certificate from Verisign
would solve this problem. Is this true? Does signing a
control make it run under higher trust level than the
controls that are not signed?
3) Is there any way I can provide the user with an option
when they download the control to actually trust the
control and then programmatically make the control run as
fully trusted instead partially trusted?
Any help is appreciated!
Thanks,
zia