Re: Custom Membership Provider FullTrust Problem



Excellent .. thanks again for the info!

I'll start off by making sure the provider is public and see if that
has an effect.

Thanks for the link. Looks like a very useful article. I did start out
trying to define the custom provider in a seperate class library, but
ran into problems because it needs access to methods in the business
logic layer, which are held in the main project. So it became very
tricky to seperate it out.

Hopefully making the provider public will do the trick .. hopefully!
Worth a shot anyway.

The other thing I was going to try is to use the PermCalc tool that
I've seen mentioned a lot online. I'm downloading the .net 2 SDK at
the moment in the hope that it's included.

Thanks again.

On 30 Jan, 13:02, Dominick Baier
<dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
hi,

ok - a little ambitious to start with partial trust ;)

1. the <trust> level in web.config
2. public CustomMembershipProvider
3. it depends...

compilation is different - but easy - pages/controls are compiled by demand
(or pre-compiled) -

all code in App_Code gets compiled into an assembly called App_Code.

You can still just write code in a separate class library and deploy the
.dll to /bin...

a quick google is also always helpful ;)http://msdn.microsoft.com/msdnmag/issues/06/01/ExtremeASPNET/

-----
Dominick Baier (http://www.leastprivilege.com)



Thanks for the advice Dominick.

I'm now starting to feel a little out of my depth! :)

1. How do you actually set the trust level of a site? Is this in the
website properties in IIS?
2. How do I make the provider public?
3. I'm not sure if the provider is strong named. Do I simply do this
by publishing with Strong Named Assemblies ticked?
Something I've yet to get my head around with .net 2 is how assemblies
are compiled. I'm still accustomed to the .net 1.1 way which results
in a single dll to be uploaded to the server. .net 2 seems to create
all kinds of assemblies in the bin folder. How do I single out the
Provider into its own assembly?

Sorry to be a pain and ask all these questions... I'm still learning
about how the compiler works in .net 2 :)

On 30 Jan, 10:17, Dominick Baier
<dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

Hi,

first of all - you should set the trust level on your dev box to the
same permissions as your hoster does.

Next - make sure your provider is "public" - the provider factory can
also instantiate non-public providers and that works fine in full
trust - but not in partial trust

Next - you only need AllowPartially... (APTCA) when the provider is
strong named (is that the case?)

Last - App_Codexx.cs is the source of the assembly compiled out of
your App_Code directory (maybe you have APTCA set there somewhere)

I would first of all factor the provider out in a separate assembly -
no strong name and see what happens...

-----
Dominick Baier (http://www.leastprivilege.com)
Hi all.

I've written a custom membership provider which works with tables in
my ms sql database. This works great locally, but as soon as I run
the site on the live (shared) server, I get the following error
message:

Parser Error Message: Attempt to access the method failed.

The line in Web.Config that it's picked up on is as follows:

Line 29: <providers>
Line 30: <clear/>
Line 31: <add name="AspNetCustomMembershipProvider"
type="CustomMembershipProvider.CustomMembershipProvider"/>
Line 32: </providers>
Line 33: </membership>
I've discovered that overriding the standard MembershipProvider
requires Full Trust on the server and that one possible fix is to
add
the following to the top of my CustomMembershipProvider:
[assembly: AllowPartiallyTrustedCallersAttribute()]

However, when I do this, although the solution builds okay, I get
the following error when I try to publish it:

Duplicate 'System.Security.AllowPartiallyTrustedCallersAttribute'
attribute

and it just points to a temporary file called App_Code.19.cs. I
can't see where else this has been used.

I've also played around with sn.exe to create a key and linked the
project to it in the hope this would help, but this hasn't made any
difference. I've asked my ISP if they can run the assemblies in Full
Trust mode, but I don't suspect they'll want to.

I've also read that I can use PermCalc to work out where the problem
is, although I don't seem to have the SDK, so I might download that
tonight and have a play.

Any other ideas to point me in the right direction would be very
much appreciated.

Thanks!

Matt- Hide quoted text -- Show quoted text -- Hide quoted text -- Show quoted text -

.



Relevant Pages

  • Re: Custom Membership Provider FullTrust Problem
    ... ok - a little ambitious to start with partial trust;) ... compilation is different - but easy - pages/controls are compiled by demand - ... I'm not sure if the provider is strong named. ... Something I've yet to get my head around with .net 2 is how assemblies ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Custom Membership Provider FullTrust Problem
    ... Dominick Baier ... How do I make the provider public? ... by publishing with Strong Named Assemblies ticked? ... full trust - but not in partial trust ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Custom Membership Provider FullTrust Problem
    ... How do you actually set the trust level of a site? ... I'm not sure if the provider is strong named. ... Something I've yet to get my head around with .net 2 is how assemblies ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Custom Membership Provider FullTrust Problem
    ... Next - make sure your provider is "public" - the provider factory can also instantiate non-public providers and that works fine in full trust - but not in partial trust ... Parser Error Message: Attempt to access the method failed. ... I've asked my ISP if they can run the assemblies in Full ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • RE: Adding a Membership Provider to the list of trusted providers
    ... I'm struggling to add my membership provider as a trusted provider, ... i can see the .NET users within IIS 7. ... determined to check whether it is a trusted provider. ...
    (microsoft.public.inetserver.iis)