Re: SecurityException while loading a user control in IE

From: Nicole Calinoiu (ngcalinoiu)
Date: 09/07/04

  • Next message: Sven-Torben Janus: "Cryptographic service provider (CSP) could not be found for this algorithm."
    Date: Tue, 7 Sep 2004 15:21:11 -0400
    
    

    Strongly naming an assembly causes the CLR to impose an implicit link demand
    for full trust on its callers. The code that is invoking your control
    assembly on the client is not fully trusted, which is why you're seeing this
    problem. You can prevent the implicit link demand by adding the
    AllowPartiallyTrustedCallers attribute to your control assembly (see
    http://support.microsoft.com/?kbid=839300 for a how-to), but you shouldn't
    do this until you're sure that this doesn't introduce additional security
    risks. For an introduction to this issue, see
    http://msdn.microsoft.com/msdnmag/issues/03/08/SecurityBriefs/.

    HTH,
    Nicole

    "mfeingold" <mfeingold@discussions.microsoft.com> wrote in message
    news:C9C5028A-58FB-4ABD-9378-CEEFBA092240@microsoft.com...
    > Hi guys. I have a really weird problem. I need to host a user control in
    > Internet explorer. This control has to be given access to local file
    > system.
    > So my plan was - create a control and configure the security policy s that
    > it
    > is granted the necessary permissions. Foolowing the recommendations I want
    > to
    > strong-name the control.
    >
    > My problem is that once I strong name my conrtrol, IE stops loading it. I
    > created a control with just a label on it, it shows up in IE just fine,
    > but
    > once I strong name it - IEHost throws a security exception upon load.
    >
    > I am obviously missing something obvious, but for the life of me I can not
    > see what it is. Any thoughts?
    >
    > I attach the IEHost log with the details of the exception.
    >
    > Creating security manager
    >
    > Microsoft.IE.Manager: Microsoft.IE.Manager: unique id lgth = 36
    > Microsoft.IE.SecureFactory: Create SecureFactory() with security
    > information
    > Microsoft.IE.Manager: Created secure factory
    > Microsoft.IE.SecureFactory: Creating instance of the object in the correct
    > domain
    > Microsoft.IE.SecureFactory: pUrl =
    > http://localhost/Progma/Custom/JackCapital/QuoteRequest/QuoteRequest/StartPage.aspx
    > Microsoft.IE.SecureFactory: id = 86474707A3C6F63616C686F6374710000000
    > Microsoft.IE.SecureFactory: link =
    > Microsoft.IE.SecureFactory: licenses =
    > Microsoft.IE.Manager: Url =
    > http://localhost/Progma/Custom/JackCapital/QuoteRequest/QuoteRequest/StartPage.aspx
    > Microsoft.IE.Manager: UrlGetPartW returned 80070057
    > Microsoft.IE.Manager: CodeBase = http://localhost
    > Microsoft.IE.Manager: Application =
    > Progma/Custom/JackCapital/QuoteRequest/QuoteRequest
    > Microsoft.IE.Manager: Found a codebase
    > Microsoft.IE.Manager: UrlCanonicalize returned 0
    > Microsoft.IE.SecureFactory: URL codeBase: http://localhost/
    > Microsoft.IE.SecureFactory: URL application:
    > Progma/Custom/JackCapital/QuoteRequest/QuoteRequest
    > Microsoft.IE.SecureFactory: Locating domain for http://localhost/
    > Microsoft.IE.IDKey: Created key
    > Microsoft.IE.Manager: The domain does not exist.
    > Microsoft.IE.IDKey: Created key
    > Microsoft.IE.Manager: The domain does not exist.
    > Microsoft.IE.SecureFactory: Need to create domain
    > Microsoft.IE.SecureFactory: Application base: http://localhost/
    > Microsoft.IE.SecureFactory: Private Bin Path: bin
    > Microsoft.IE.IDKey: Created key
    > Microsoft.IE.SecureFactory: Trying to create instance of type
    > http://localhost/Progma/Custom/JackCapital/QuoteRequest/QuoteRequest/AL3Loader.dll#Progma.Custom.JackCapital.QuoteRequest.AL3Loader.AL3Loader
    > Microsoft.IE.SecureFactory: System.Security.SecurityException: Request
    > failed.
    >
    > Server stack trace:
    > at System.RuntimeType.CreateInstanceImpl(Boolean publicOnly)
    > at System.Activator.CreateInstance(Type type, Boolean nonPublic)
    > at System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr,
    > Binder
    > binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
    > at System.Activator.CreateInstance(Type type, BindingFlags bindingAttr,
    > Binder binder, Object[] args, CultureInfo culture, Object[]
    > activationAttributes)
    > at System.Activator.CreateComInstanceFrom(String assemblyName, String
    > typeName, Byte[] hashValue, AssemblyHashAlgorithm hashAlgorithm)
    > at System.AppDomain.CreateComInstanceFrom(String assemblyFile, String
    > typeName, Byte[] hashValue, AssemblyHashAlgorithm hashAlgorithm)
    > at
    > System.Runtime.Remoting.Messaging.StackBuilderSink.PrivateProcessMessage(MethodBase
    > mb, Object[] args, Object server, Int32 methodPtr, Boolean
    > fExecuteInContext,
    > Object[]& outArgs)
    > at
    > System.Runtime.Remoting.Messaging.StackBuilderSink.SyncProcessMessage(IMessage
    > msg, Int32 methodPtr, Boolean fExecuteInContext)
    >
    > Exception rethrown at [0]:
    > at
    > System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
    > reqMsg, IMessage retMsg)
    > at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
    > msgData, Int32 type)
    > at System.AppDomain.CreateComInstanceFrom(String assemblyFile, String
    > typeName, Byte[] hashValue, AssemblyHashAlgorithm hashAlgorithm)
    > at Microsoft.IE.SecureFactory.CreateInstanceWithSecurity(Int32 dwFlag,
    > Int32 dwZone, String pURL, String uniqueIdString, String link, String
    > licenses)
    > Microsoft.IE.SecureFactory: LOG exception
    > Microsoft.IE.SecureFactory: Creating log entry
    > ?FusionBindError!name=AL3Loader.dll
    > Progma.Custom.JackCapital.QuoteRequest.AL3Loader.AL3Loader
    > Microsoft.IE.SecureFactory: Logging to file C:\Documents and
    > Settings\Michael\Local Settings\Temporary Internet
    > Files\Content.IE5\52ZJGP4G\CAERKHUN.HTM
    >


  • Next message: Sven-Torben Janus: "Cryptographic service provider (CSP) could not be found for this algorithm."

    Relevant Pages

    • Re: windows form control +Active X in IE
      ... The .NET control will not work unless it has the privilege to do so. ... > at System.Activator.CreateComInstanceFrom(String assemblyName, String ... > at System.AppDomain.CreateComInstanceFrom(String assemblyFile, String ...
      (microsoft.public.dotnet.framework.interop)
    • Re: windows form control +Active X in IE
      ... The .NET control will not work unless it has the privilege to do so. ... > at System.Activator.CreateComInstanceFrom(String assemblyName, String ... > at System.AppDomain.CreateComInstanceFrom(String assemblyFile, String ...
      (microsoft.public.dotnet.framework.aspnet)
    • Re: windows form control +Active X in IE
      ... The .NET control will not work unless it has the privilege to do so. ... > at System.Activator.CreateComInstanceFrom(String assemblyName, String ... > at System.AppDomain.CreateComInstanceFrom(String assemblyFile, String ...
      (microsoft.public.dotnet.framework.windowsforms.controls)
    • Re: Digging deeper to find cause of System.Security.SecurityException in IEHost?
      ... runtime and then v1.1 was installed on the machine and the control was not ... would throw a security exception in a security restricted environment. ... > at System.AppDomain.CreateComInstanceFrom(String assemblyFile, ... > dwFlag, Int32 dwZone, String pURL, String uniqueIdString, String link, ...
      (microsoft.public.security)
    • Re: Digging deeper to find cause of System.Security.SecurityException in IEHost?
      ... runtime and then v1.1 was installed on the machine and the control was not ... would throw a security exception in a security restricted environment. ... > at System.AppDomain.CreateComInstanceFrom(String assemblyFile, ... > dwFlag, Int32 dwZone, String pURL, String uniqueIdString, String link, ...
      (microsoft.public.dotnet.security)