code access security with URL condition

From: Sankar Nemani (snemani_at_nospamlumedx.com)
Date: 08/24/04 

Date: Tue, 24 Aug 2004 09:49:18 -0700

Hi
    We have two virtual directories in which our .NET controls reside. We
host these controls in IE. These controls need full trust permission set. We
tried to create a codegroup that has a URL condition http://localhost/* and
gave full trust permission and tested by opening IE on the same machine as
the server (that is why localhost should have been OK). Some parts of the
controls worked but we got SecurityExceptions for others. We kept getting
SecurityExceptions in one part or the other until we created 6 code groups
with URL conditions
http://localhost/*
http://MACHINENAME/*
http://127.0.0.1/*
http://localhost/VirtDir1/*
http://MACHINENAME/VirtDir1/*
http://127.0.0.1/VirtDir1/*
and gave full trust for all these code groups. The computer is not on any
network. When it was hooked up to the a network, we didn't need all 6 code
groups. It seems like the code access security mechanism is not able to
figure out localhost,MACHINENAME and 127.0.0.1 as the same URL.
I would like to understand how .NET applies these permissions and if there
are any resources that discuss these things in detail.
TIA
Sankar Nemani

Relevant Pages

  • code access security URL based codegroup
    ... We have two virtual directories in which our .NET controls reside. ... These controls need full trust permission set. ... SecurityExceptions in one part or the other until we created 6 code groups ...
    (microsoft.public.dotnet.framework.clr)
  • Re: code access security with URL condition
    ... and 127.0.0.1 addresses in such a way as to make some of the controls ... These controls need full trust permission set. ... > tried to create a codegroup that has a URL condition http://localhost/ * ... > and gave full trust for all these code groups. ...
    (microsoft.public.dotnet.security)