Re: Custom Membership Provider FullTrust Problem



Thanks for the advice Dominick.

I'm now starting to feel a little out of my depth! :)

1. How do you actually set the trust level of a site? Is this in the
website properties in IIS?
2. How do I make the provider public?
3. I'm not sure if the provider is strong named. Do I simply do this
by publishing with Strong Named Assemblies ticked?

Something I've yet to get my head around with .net 2 is how assemblies
are compiled. I'm still accustomed to the .net 1.1 way which results
in a single dll to be uploaded to the server. .net 2 seems to create
all kinds of assemblies in the bin folder. How do I single out the
Provider into its own assembly?

Sorry to be a pain and ask all these questions... I'm still learning
about how the compiler works in .net 2 :)


On 30 Jan, 10:17, Dominick Baier
<dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
Hi,

first of all - you should set the trust level on your dev box to the same
permissions as your hoster does.

Next - make sure your provider is "public" - the provider factory can also
instantiate non-public providers and that works fine in full trust - but
not in partial trust

Next - you only need AllowPartially... (APTCA) when the provider is strong
named (is that the case?)

Last - App_Codexx.cs is the source of the assembly compiled out of your App_Code
directory (maybe you have APTCA set there somewhere)

I would first of all factor the provider out in a separate assembly - no
strong name and see what happens...

-----
Dominick Baier (http://www.leastprivilege.com)



Hi all.

I've written a custom membership provider which works with tables in
my ms sql database. This works great locally, but as soon as I run the
site on the live (shared) server, I get the following error message:

Parser Error Message: Attempt to access the method failed.

The line in Web.Config that it's picked up on is as follows:

Line 29: <providers>
Line 30: <clear/>
Line 31: <add name="AspNetCustomMembershipProvider"
type="CustomMembershipProvider.CustomMembershipProvider"/>
Line 32: </providers>
Line 33: </membership>
I've discovered that overriding the standard MembershipProvider
requires Full Trust on the server and that one possible fix is to add
the following to the top of my CustomMembershipProvider:

[assembly: AllowPartiallyTrustedCallersAttribute()]

However, when I do this, although the solution builds okay, I get the
following error when I try to publish it:

Duplicate 'System.Security.AllowPartiallyTrustedCallersAttribute'
attribute

and it just points to a temporary file called App_Code.19.cs. I can't
see where else this has been used.

I've also played around with sn.exe to create a key and linked the
project to it in the hope this would help, but this hasn't made any
difference. I've asked my ISP if they can run the assemblies in Full
Trust mode, but I don't suspect they'll want to.

I've also read that I can use PermCalc to work out where the problem
is, although I don't seem to have the SDK, so I might download that
tonight and have a play.

Any other ideas to point me in the right direction would be very much
appreciated.

Thanks!

Matt- Hide quoted text -- Show quoted text -

.



Relevant Pages

  • RE: Migrating code from .NET 1.1 to Partial Trust server
    ... 'Programming .Net Security' ... The whole app is at a certain trust level, ... The dlls in the bin are assemblies. ...
    (microsoft.public.dotnet.security)
  • Re: Custom Membership Provider FullTrust Problem
    ... ok - a little ambitious to start with partial trust;) ... compilation is different - but easy - pages/controls are compiled by demand - ... I'm not sure if the provider is strong named. ... Something I've yet to get my head around with .net 2 is how assemblies ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Custom Membership Provider FullTrust Problem
    ... Dominick Baier ... How do I make the provider public? ... by publishing with Strong Named Assemblies ticked? ... full trust - but not in partial trust ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Custom Membership Provider FullTrust Problem
    ... I'll start off by making sure the provider is public and see if that ... ok - a little ambitious to start with partial trust;) ... compilation is different - but easy - pages/controls are compiled by demand ... Something I've yet to get my head around with .net 2 is how assemblies ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Custom Membership Provider FullTrust Problem
    ... Next - make sure your provider is "public" - the provider factory can also instantiate non-public providers and that works fine in full trust - but not in partial trust ... Parser Error Message: Attempt to access the method failed. ... I've asked my ISP if they can run the assemblies in Full ...
    (microsoft.public.dotnet.framework.aspnet.security)