implementing ICertificatePolicy causes security exception under hosted environment

From: "C.W." <c.w@nospam_com>
Date: Mon, 19 Dec 2005 12:34:42 +1100

I need to establish an SSL connection with another in my application.
However, I have run into a security exception when I run my code under
hosted environment.

In particular, I have the following class:

Class AcceptAllCertificatesPolicy

Implements ICertificatePolicy

Public Function CheckValidationResult(ByVal srvPoint As
System.Net.ServicePoint, ByVal certificate As
System.Security.Cryptography.X509Certificates.X509Certificate, ByVal request
As System.Net.WebRequest, ByVal certificateProblem As Integer) As Boolean
Implements System.Net.ICertificatePolicy.CheckValidationResult

Return True

End Function

End Class

When I call this class using

ServicePointManager.CertificatePolicy = New AcceptAllCertificatesPolicy

I get a security exception

Description: The application attempted to perform an operation not allowed
by the security policy. To grant this application the required permission
please contact your system administrator or change the application's trust
level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the
permission of type System.Security.Permissions.SecurityPermission, mscorlib,
Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.

Line 418: req.ClientCertificates.Add(X509Cert)
Line 419:
Line 420: ServicePointManager.CertificatePolicy = New
AcceptAllCertificatesPolicy
Line 421:
Line 422: Dim reqWriter As StreamWriter = New
StreamWriter(req.GetRequestStream())

Stack Trace:
[SecurityException: Request for the permission of type
System.Security.Permissions.SecurityPermission, mscorlib,
Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
failed.]
System.Security.CodeAccessSecurityEngine.CheckHelper(PermissionSet
grantedSet, PermissionSet deniedSet, CodeAccessPermission demand,
PermissionToken permToken) +666
System.Security.CodeAccessSecurityEngine.Check(PermissionToken permToken,
CodeAccessPermission demand, StackCrawlMark& stackMark, Int32 checkFrames,
Int32 unrestrictedOverride) +0
System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission cap,
StackCrawlMark& stackMark) +88
System.Security.CodeAccessPermission.Demand() +62
System.Net.ServicePointManager.set_CertificatePolicy(ICertificatePolicy
value) +45

I gather this must be due to security restrictions set up by the webhost.
Can I change my code to somehow get around this or only the web host can fix
this issue?

Thanks in advance

.

Follow-Ups:
- Re: implementing ICertificatePolicy causes security exception under hosted environment
  - From: Joe Kaplan \(MVP - ADSI\)

Prev by Date: Re: windows authentication VS Kerberos authentication in ASP.NET 2.0?
Next by Date: Re: implementing ICertificatePolicy causes security exception under hosted environment
Previous by thread: Getting 403 Forbidden error. Client Cert didn't sent
Next by thread: Re: implementing ICertificatePolicy causes security exception under hosted environment
Index(es):
- Date
- Thread

Relevant Pages

Re: Server Reports empty
... Security Exception ... To grant this application the required permission ... The server will start to collect new counter value from ... Microsoft CSS Online Newsgroup Support ...
(microsoft.public.windows.server.sbs)
Re: Code Access Security, Evidence Based Security, Code Access Permission, Role Based Permission, et
... confused on the relationship between Code Access Security, Evidence Based ... Security, Code Access Permission, Role Based Permission, Declarative and ... user running it (if this is true, then only the Identity Permission Code ...
(microsoft.public.dotnet.security)
RE: Do all three permission classes (Identity Permission, Code Access Permission and Role Based Perm
... That is correct -- the inputs to CAS for each assembly are that assembly's evidence and the current security policy. ... classify them as a code access permission and an identity permission, since StrongNameIdentityPermission is also a code access security ...
(microsoft.public.dotnet.security)
[NT] Windows 2000 Weak Default Permission on System Partitions
... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... The system partition by default has Everyone/Full Control access ... permission settings of Everyone/Full Control or Authenticated Users/Full ...
(Securiteam)
Re: OMA on SBS is not working
... Security Exception ... Exception Details: System.Security.SecurityException: Request for the ... permission of type System.Security.Permissions.RegistryPermission, ...
(microsoft.public.windows.server.sbs)