Re: Hosting from a network share.
From: Felix Wu (felixwu@online.microsoft.com)
Date: 12/06/02
- Next message: Jason Chiu: "Re: authorization problems"
- Previous message: Larry Hastings: "Re: User ASPNET in SQL Server 2000"
- In reply to: Ben Luckham: "Re: Hosting from a network share."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: felixwu@online.microsoft.com (Felix Wu(MS)) Date: Fri, 06 Dec 2002 05:06:07 GMT
Thank you for your useful information, Ben.
This problem is due to the fact that System.Web namespace does not have the
AllowPartiallyTrustedCallersAttribute applied to it. Please refer to this
URL for more information:
V1 Security Changes
http://msdn.microsoft.com/library/en-us/dnnetsec/html/v1securitychanges.asp
Any code that is not in the "My_Computer_Zone" Code Group that does not
have this attribute requires the "FullTrust" permission set. As a result,
the remote share that holds the Web applications content requires
"FullTrust".
To resolve this we need to give the remote share "FullTrust", which is what
Ben mentioned in his post.
Thanks,
Felix Wu
=============
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
>Content-Class: urn:content-classes:message
>From: "Ben Luckham" <ben.luckham@nospam.co.uk>
>Sender: "Ben Luckham" <ben.luckham@nospam.co.uk>
>References: <aqg5j6$mb8$1@news.swman.net.uk>
>Subject: Re: Hosting from a network share.
>Date: Fri, 8 Nov 2002 07:02:29 -0800
>Lines: 76
>Message-ID: <639901c28737$db3d64a0$39ef2ecf@TKMSFTNGXA08>
>MIME-Version: 1.0
>Content-Type: text/plain;
> charset="iso-8859-1"
>Content-Transfer-Encoding: 7bit
>X-Newsreader: Microsoft CDO for Windows 2000
>X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
>Thread-Index: AcKHN9s9rRHwdwiGSqa3ktGicIZtxA==
>Newsgroups: microsoft.public.dotnet.framework.aspnet.security
>NNTP-Posting-Host: TKMSFTNGXA08 10.201.226.36
>Path: cpmsftngxa06!cpmsftngxa08
>Xref: cpmsftngxa06 microsoft.public.dotnet.framework.aspnet.security:2909
>X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
>
>Well I've fixed it... actually I had fixed it at about
>11:00 this morning, but ASP.NET had decided to ignore the
>changes I'd made to the security policy. In typical
>Microsoft fashion, after a reset, things mysteriously
>started working for no apparent reason.
>
>Stupid pile of junk... serves me right for not using
>Apache, I suppose. Read on...
>
>Here's how I fixed it. As you probably know by now, .NET
>doesn't trust the code located on the Network share, so
>you need to change the .NET security policy to overcome
>this.
>
>Open up Control Panel->Administrative Tools->.NET
>Framework Configuration. From the panel on the left, open
>up "Runtime Security Policy->Machine->Code Groups", and
>right-click on "New". We're going to create a new code
>group to include the assemblies on your network share(s),
>and grant permissions to it.
>
>In the dialog box that pops up, you can choose how you
>want to identify assemblies that belong to this new code
>group. I first tried identifying assemblies by the site
>they come from, but couldn't get this to work. So I used
>the URL method instead.
>
>JJ, it sounds like you used one of the Wizards to identify
>(and grant permissions to) your .dll assembly using the
>Hash method. This would explain why different versions of
>your .dll are not trusted (because their Hash would be
>different).
>
>The URL could be something like:
> file://H:/*
>which would grant permissions to all code located on your
>H: drive.
>
>In my case, I want to grant permissions to all the
>assemblies from several network shares. As these network
>shares happen to be hosted on the same machine, I entered
> file:////137.44.103.44/*
>This grants permissions to any assembly on any network
>share hosted on \\137.44.103.44.
>
>In the next step, you can choose the permissions to grant
>assemblies belonging to this new code group. I
>chose "FullTrust", simply because I can't bear to fuss
>around with IIS any more today - I imagine that some of
>the more restrictive permission options (such
>as "Execution") would also suffice.
>
>Once you've finished this, your .NET security policy
>should be updated to trust assemblies from your network
>share.
>
>I would also recommend deleting all the files associated
>with your Web application from the "Temporary ASP.NET
>Files" directory, just to help poor old IIS out. In my
>case, this meant deleting the
>entire "c:\Winnt\Microsoft.NET\Framework\v1.0.3705
>\Temporary ASP.NET Files\MyWebApp" directory. You won't be
>able to do this with IIS still running however, so you'll
>have to either restart, or stop IIS for a while.
>
>Soooo... after another restart, and a brief time of
>prayer, you might be lucky enough to find your Web
>application working again (no promises though).
>
>I hope this helps - Good luck! Also, my sincerest
>sympathies to anyone else who is wasting company time
>wrestling with the utter dog that is ASP.NET.
>
>Best,
>Ben.
>
>
- Next message: Jason Chiu: "Re: authorization problems"
- Previous message: Larry Hastings: "Re: User ASPNET in SQL Server 2000"
- In reply to: Ben Luckham: "Re: Hosting from a network share."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
