Re: Href/Exe and Async SWE 2.0SP1 CAS Security error

From: Morten Lyhr (MortenLyhr_at_discussions.microsoft.com)
Date: 10/19/04


Date: Tue, 19 Oct 2004 02:47:02 -0700

The reason why it worked in RELEASE mode is that it runs as a lokal app,
becasuse VS keeps a config for both DEBUG and RELEASE.

"Morten Lyhr" wrote:

> Ok here is the exception.
>
> A funny thing is that the async security exceptions is only thrown when
> running in DEBUG mode in VS. When compiled with REALEASE mode it works like a
> charm - no exceptions?!?
>
> {"Request failed." }
> [System.Security.SecurityException]: {"Request failed."}
> System.Object: {System.Security.SecurityException}
> _className: null
> _COMPlusExceptionCode: -532459699
> _exceptionMethod: <undefined value>
> _exceptionMethodString: null
> _helpURL: null
> _HResult: -2146233078
> _innerException: { }
> _message: "Request failed."
> _remoteStackIndex: 0
> _remoteStackTraceString: null
> _source: "mscorlib"
> _stackTrace: {System.Array}
> _stackTraceString: " at
> System.Security.PermissionListSet.CheckSetDemand(PermissionSet permSet,
> PermissionSet& alteredSet)\r\n at
> System.Reflection.RuntimeMethodInfo.InternalInvoke(Object obj, BindingFlags
> invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean
> isBinderDefault, Assembly caller, Boolean verifyAccess)\r\n at
> System.Reflection.RuntimeMethodInfo.InternalInvoke(Object obj, BindingFlags
> invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean
> verifyAccess)\r\n at System.Reflection.RuntimeMethodInfo.Invoke(Object obj,
> BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo
> culture)\r\n at System.Reflection.MethodBase.Invoke(Object obj, Object[]
> parameters)\r\n at System.Reflection.MethodInfo.Invoke(Object obj, Object[]
> parameters)\r\n at System.Xml.Serialization.TempAssembly.InvokeReader(Int32
> methodIndex, XmlReader xmlReader, XmlDeserializationEvents events, String
> encodingStyle)"
> _xcode: -532459699
> _xptrs: 0
> HelpLink: null
> HResult: -2146233078
> InnerException: { }
> Message: "Request failed."
> Source: "mscorlib"
> StackTrace: " at
> System.Security.PermissionListSet.CheckSetDemand(PermissionSet permSet,
> PermissionSet& alteredSet)\r\n at
> System.Reflection.RuntimeMethodInfo.InternalInvoke(Object obj, BindingFlags
> invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean
> isBinderDefault, Assembly caller, Boolean verifyAccess)\r\n at
> System.Reflection.RuntimeMethodInfo.InternalInvoke(Object obj, BindingFlags
> invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean
> verifyAccess)\r\n at System.Reflection.RuntimeMethodInfo.Invoke(Object obj,
> BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo
> culture)\r\n at System.Reflection.MethodBase.Invoke(Object obj, Object[]
> parameters)\r\n at System.Reflection.MethodInfo.Invoke(Object obj, Object[]
> parameters)\r\n at System.Xml.Serialization.TempAssembly.InvokeReader(Int32
> methodIndex, XmlReader xmlReader, XmlDeserializationEvents events, String
> encodingStyle)"
> TargetSite: <error: an exception of type:
> {System.Security.SecurityException} occurred>
>
>
> "Nicole Calinoiu" wrote:
>
> > According to your "yes", the code already is fully trusted. However, that
> > doesn't necessarily mean that no stack walk modifiers have been applied when
> > any given method is invoked. Could you please provide the full details for
> > the inner SecurityException, including its call stack listing?
> >
> >
> >
> > "Morten Lyhr" <MortenLyhr@discussions.microsoft.com> wrote in message
> > news:875E476B-688D-49B5-91AF-BB903888D5E5@microsoft.com...
> > > Yes.
> > >
> > > It's only when when the Call is from a async callback method, that it
> > > fails.
> > > I guess it is because the delegate creates a new thread - and for some
> > > reason
> > > that thread is not fully trusted? Perhaps because its not created from my
> > > signed assembly - but mscorelib creates it?
> > >
> > > So how can I make all delegates/thread/events that my signed assembly uses
> > > fully trusted?
> > >
> > > "Nicole Calinoiu" wrote:
> > >
> > >> Placing the demand call inside your Main method won't work since the
> > >> stack
> > >> walk will only evaluate the callers, and there's won't be any in the Main
> > >> method. If you put the full trust evaluation code in a separate method
> > >> that
> > >> you can call from within the Main method, does it still indicate that the
> > >> assembly is fully trusted?
> > >>
> > >>
> > >>
> > >>
> > >> "Morten Lyhr" <Morten Lyhr@discussions.microsoft.com> wrote in message
> > >> news:A97026ED-5F22-4EC5-9410-CB78254C1844@microsoft.com...
> > >> >I have a SmartClient (Windows Forms) application that uses a WSE2.0SP1
> > >> > WebService.
> > >> >
> > >> > The SmartClient exe and dll's are signed with a strong name. The Client
> > >> > maschines have a modified Policy, that grants Full Trust to any
> > >> > assembly
> > >> > signed with the key.
> > >> >
> > >> > Any Sync Calls to the WebService works fine - any async calls does
> > >> > not!!!
> > >> >
> > >> > If I Insert the follow code in my Main method, it passes - so I know I
> > >> > have
> > >> > Full Trust.
> > >> >
> > >> > System.Security.PermissionSet fullTrust = new
> > >> > System.Security.NamedPermissionSet("FullTrust");
> > >> > try
> > >> > {
> > >> > fullTrust.Demand();
> > >> > }
> > >> > catch (Exception ex)
> > >> > {
> > >> > MessageBox.Show("not fully trusted");
> > >> > }
> > >> >
> > >> >
> > >> > If I insert the code in the Async callback delegate:
> > >> >
> > >> > private void FillTreeViewUnspsc(IAsyncResult ar)
> > >> > {
> > >> > ....
> > >> > }
> > >> >
> > >> > It fails!!!
> > >> >
> > >> > I can see that the calls are not on the same thread since,
> > >> > System.Threading.Thread.CurrentThread.IsBackground returns false for
> > >> > the
> > >> > Main
> > >> > and true for the callback delegate.
> > >> >
> > >> > How can I modify my code so that any background threads gain the same
> > >> > permission set(Full Trust) as the Main Thread ????
> > >> >
> > >> >
> > >> > The exception I get is the following:
> > >> >
> > >> > {"There is an error in XML document (1, 471)." }
> > >> > [System.InvalidOperationException]:
> > >> > {System.InvalidOperationException}
> > >> > System.Object: {System.InvalidOperationException}
> > >> > _className: null
> > >> > _COMPlusExceptionCode: -532459699
> > >> > _exceptionMethod: <undefined value>
> > >> > _exceptionMethodString: null
> > >> > _helpURL: null
> > >> > _HResult: -2146233079
> > >> > _innerException: {"One or more assemblies referenced by the
> > >> > XmlSerializer cannot be called from partially trusted code." }
> > >> > _message: "There is an error in XML document (1, 471)."
> > >> > _remoteStackIndex: 0
> > >> > _remoteStackTraceString: null
> > >> > _source: null
> > >> > _stackTrace: {System.Array}
> > >> > _stackTraceString: null
> > >> > _xcode: -532459699
> > >> > _xptrs: 0
> > >> > HelpLink: null
> > >> > HResult: -2146233079
> > >> > InnerException: {"One or more assemblies referenced by the
> > >> > XmlSerializer
> > >> > cannot be called from partially trusted code." }
> > >> > Message: "There is an error in XML document (1, 471)."
> > >> > Source: "System.Xml"
> > >> > StackTrace: " at
> > >> > System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader xmlReader,
> > >> > String encodingStyle, XmlDeserializationEvents events)\r\n at
> > >> > System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader xmlReader,
> > >> > XmlDeserializationEvents events)\r\n at
> > >> > System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader
> > >> > xmlReader)\r\n
> > >> > at
> > >> > System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage
> > >> > message, WebResponse response, Stream responseStream, Boolean
> > >> > asyncCall)\r\n
> > >> > at
> > >> > System.Web.Services.Protocols.SoapHttpClientProtocol.EndInvoke(IAsyncResult
> > >> > asyncResult)\r\n at
> > >> > ********************.EndFillWithItems(IAsyncResult
> > >> > asyncResult, Int32& totalPages) in
> > >> > C:\\*****************************\\Reference.cs:line 60\r\n at
> > >> > ******************.MainForm.FillTreeViewUnspsc(IAs
> > >> > yncResult ar) in c:\\*******************\\mainform.cs:line 965"
> > >> > TargetSite: <error: an exception of type:
> > >> > {System.Security.SecurityException} occurred>
> > >> >
> > >>
> > >>
> > >>
> >
> >
> >



Relevant Pages

  • RE: "Could not access CDO.Message object" when sending attachments
    ... > at System.RuntimeType.InvokeDispMethod(String name, BindingFlags ... > at System.Web.Mail.LateBoundAccessHelper.CallMethod(Object obj, ... > at MyApp.MyApp.Util.SendEmail(MailMessage& objMail) ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Href/Exe and Async SWE 2.0SP1 CAS Security error
    ... > becasuse VS keeps a config for both DEBUG and RELEASE. ... >> System.Reflection.RuntimeMethodInfo.InternalInvoke(Object obj, ... >> isBinderDefault, Assembly caller, Boolean verifyAccess)\r\n at ... >> methodIndex, XmlReader xmlReader, XmlDeserializationEvents events, String ...
    (microsoft.public.dotnet.security)
  • Re: Clipper debugger....
    ... that if I compile in an extra LIB, or as I am corrected now, OBJ, than ... I can debug in an easier way... ... I have Clipper Summer 87 on my server HDD and in the OBJ folder I have ...
    (comp.lang.clipper)
  • Re: Huge memory problem
    ... I try my best to debug my code. ... Pat ... > void main ... I need to allocate a huge memory for a Object obj (e.g. ...
    (comp.lang.cpp)