Loading managed code from unmanaged application residing on a share
From: Réal Forté (real.forte_at_dogico.com)
Date: Wed, 5 May 2004 13:18:21 -0400
We have a legacy application expecting to load a plain DLL from its own
directory as an extension. We want to write these extensions in C#. So, we
wrote a plain C++ DLL that itelf loads another C++ DLL assembly used to
convert the calls into managed .NET calls (the data structures cannot
readily be converted by PInvoke). This second DLL is an assembly that
refers, with a #using statement, to a C# fully managed assembly. So, the
application calls the first C++ DLL, which forwards the call to the second
C++ assembly, which performs some processing before invoking the C#
When I run this scheme in my workstation, it works just fine. Problems
arise when I run the application from a network share. I consistently get
an error message stating that a loaded DLL failed initializing. After a bit
of experimenting, I found out that, if I disabled security on my workstation
(caspol -s off), I could get it to work. So, I ran Permview on the C++
assembly that bridges the C# assembly and it said it required
«SkipVerification». So, using caspol, I did the following:
- I located the Intranet group, on the local machine, which deals with
local network permissions.
- I added a URL entry, specifying the full path name (followed by a *) of
the network directory in which the server application, along with my DLLs
and assemblies, resides.
- I gave it «SkipVerification» permission.
- For good measure, I added a second entry with «FullTrust» permission.
When I ask caspol to resolve the groups for my C++ assembly, it lists what I
The problem is that it simply does not work.
I then found out that an assembly requires the permissions to have been
granted to all assemblies along the call chain, which cannot be the case
because the original caller is a legacy application. My understanding is
that an assembly attribute called «AllowPartiallyTrustedCallers» is
supposedly designed to allow doing just that, so i added it to both the C++
bridging assembly and the C# assembly.
To no avail.
Some documentation led me to believe that this attribute would apply only to
strong named assemblies located in the GAC. Thus, I put the C++ bridging
assembly in the GAC.
It still dosen't work. Again, all I have to do is disable security on my
workstation to get it to work.
I do not know where to go from here. The whole point seems very basic to
me: i simply want a legacy application residing in the LAN to load and run
Does anyone have a suggestion ?
Thanx a lot