Re: Adjusting security setting to run an embedded windows control in IE
From: Crirus (Crirus_at_datagroup.ro)
Date: 01/29/04
- Next message: Michel Gallant: "Re: MAKECERT and ASP"
- Previous message: Crirus: "Re: Security error when running .NET user control in IE"
- In reply to: Joe Kaplan \(MVP - ADSI\): "Re: Adjusting security setting to run an embedded windows control in IE"
- Next in thread: Joe Kaplan \(MVP - ADSI\): "Re: Adjusting security setting to run an embedded windows control in IE"
- Reply: Joe Kaplan \(MVP - ADSI\): "Re: Adjusting security setting to run an embedded windows control in IE"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 29 Jan 2004 14:39:52 +0200
I have a application, embedded in IE (html assambly).
That aplication need to connect back to the server in order to get some
data.
What are conditions to succeed without requesting any special permissions
from client? As an applet do it....
Should I connect back to the server only using port 80?
Right now the client app is serverd by Apache and connection back is tryed
to another aplication on port 9500
Changing security permission by the client is not an option
--
Cheers,
Crirus
------------------------------
If work were a good thing, the boss would take it all from you
------------------------------
"Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com> wrote
in message news:OUVp7Zb5DHA.2764@TK2MSFTNGP09.phx.gbl...
> The best way to do this is to give just the assemblies that need Full
Trust
> that permission.
>
> The reason it doesn't work in your situation is that when IE creates the
> AppDomain that it runs your code in, that AppDomain is created based on
the
> URL which will have some sort of partial trust (unless that URL or the
whole
> zone has been given Full Trust).
>
> Two things happen after that:
> - If your assembly is not marked with the
> AllowPartiallyTrustedCallersAttribute, the partially trusted AppDomain
that
> it is running in will not be able to call it.
> - Any code that requires a permission will hit your assembly, where it
will
> be granted due to your Full Trust, but will likely fail when the stack
gets
> up to the partially trusted AppDomain since the AppDomain may not have
that
> permission.
>
> You have basically two options to solve this:
> - Make the AppDomain have Full Trust with something like a URL membership
> condition. This is the easiest thing to do, but is not very secure,
> especially if the URL is not very specific.
> - Add the AllowPartiallyTrustedCallersAttribute and use Assert on the
> Permissions that you need when you need them to prevent the stack walk
into
> the containing AppDomain. This is more work, but is vastly more secure
and
> is the recommended approach.
>
> There have been some good articles on implementing the second approach. I
> believe Ivan Medvedev has some good info on his website. You might start
> there:
> http://www.dotnetthis.com/Articles/WritingForSEE.htm
>
> Joe K.
>
> "Marina" <someone@nospam.com> wrote in message
> news:Os5oCLb5DHA.2572@TK2MSFTNGP09.phx.gbl...
> > Hi,
> >
> > I am trying to find the minimum security settings to allow a windows
> control
> > embedded in IE have full trust.
> >
> > If I give the entire Intranet zone full trust, this works. However, this
> is
> > very broad and gives the entire zone high privleges.
> >
> > I tried giving just the assembly full trust (using the full URL for the
> > DLL), but this doesn't seem to work.
> >
> > Any direction in how to accomplish this?
> >
> >
>
>
- Next message: Michel Gallant: "Re: MAKECERT and ASP"
- Previous message: Crirus: "Re: Security error when running .NET user control in IE"
- In reply to: Joe Kaplan \(MVP - ADSI\): "Re: Adjusting security setting to run an embedded windows control in IE"
- Next in thread: Joe Kaplan \(MVP - ADSI\): "Re: Adjusting security setting to run an embedded windows control in IE"
- Reply: Joe Kaplan \(MVP - ADSI\): "Re: Adjusting security setting to run an embedded windows control in IE"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
