Re: Remoting from a control hosted in IE

From: Nicole Calinoiu (calinoiu)
Date: 10/22/04

  • Next message: SLY: "Re: Mixing authentication type flags & By design Bug from MS ?" 
    Date: Fri, 22 Oct 2004 11:12:43 -0400

    Asserting permissions almost certainly won't help with this, and you should
    probably remove any of these test assertions that might remain in your code
    since they could open your code to unnecessary risks.

    Resolving the problem probably will probably require granting your code
    additional permissions via CAS policy. The missing permission _might_ be
    SecurityPermission.SerializationFormatter, but no guarantees there...

    If you really want help with this, it might be a good idea to provide a
    small example (as described at
    http://www.yoda.arachsys.com/csharp/complete.html) that reproduces the
    problem. There are simply too many variations on the theme of remoting for
    someone else to be able to sufficient mimic your setup to reproduce the same
    error without a great deal of time invested in trial and error.

    HTH,
    Nicole

    "mfeingold" <mfeingold@discussions.microsoft.com> wrote in message
    news:7C24D8CE-B3F4-45F8-95D3-7C55DAAB111E@microsoft.com...
    >I have a control which connects to an object on a server. This object has
    >an
    > event, and client (the control) subscribes to this event. So something
    > happens on the server, it fires the event - the control is notified.
    > All this works just fine when the controll is hosted in a windows
    > application, but I have to host it in IE.
    > To make it work I asserted any permission I can think of (as a matter of
    > fact I asserted unrestricted for now) but it got me only so far. The
    > control
    > creates the remoted object and it can subscribe to an event, but when the
    > server attempts to fire the event, it blows (see the text of the message
    > below in this post)
    >
    > It looks like I still need to assert necessary permissions somewhere else,
    > but what permissions and where do I assert them - I have no clue. Any
    > idea?
    >
    > The text of the exception:
    >
    > An unhandled exception of type 'System.Runtime.Remoting.RemotingException'
    > occurred in mscorlib.dll
    >
    > Additional information: An error occurred while processing the request on
    > the server: System.Security.SecurityException: Request for the permission
    > of
    > type System.Security.Permissions.SecurityPermission, mscorlib,
    > Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
    > failed.
    > at System.Security.PermissionListSet.CheckDemand(CodeAccessPermission
    > demand, PermissionToken permToken)
    > at System.Security.CodeAccessSecurityEngine.Check(PermissionToken
    > permToken, CodeAccessPermission demand, StackCrawlMark& stackMark, Int32
    > checkFrames, Int32 unrestrictedOverride)
    > at System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission
    > cap, StackCrawlMark& stackMark, PermissionType permType)
    > at System.Security.CodeAccessPermission.DemandInternal(PermissionType
    > permissionType)
    > at
    > System.Runtime.Serialization.Formatters.Binary.ObjectWriter.Serialize(Object
    > graph, Header[] inHeaders, __BinaryWriter serWriter, Boolean fCheck)
    > at
    > System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Serialize(Stream
    > serializationStream, Object graph, Header[] headers, Boolean fCheck)
    > at
    > System.Runtime.Remoting.Channels.CoreChannel.SerializeBinaryMessage(IMessage
    > msg, Boolean includeVersions)
    > at
    > System.Runtime.Remoting.Channels.BinaryServerFormatterSink.ProcessMessage(IServerChannelSinkStack
    > sinkStack, IMessage requestMsg, ITransportHeaders requestHeaders, Stream
    > requestStream, IMessage& responseMsg, ITransportHeaders& responseHeaders,
    > Stream& responseStream)
    > at
    > System.Runtime.Remoting.Channels.Tcp.TcpServerTransportSink.ServiceRequest(Object
    > state)
    > at System.Runtime.Remoting.Channels.SocketHandler.ProcessRequestNow()
    >
    >

  • Next message: SLY: "Re: Mixing authentication type flags & By design Bug from MS ?"

    Relevant Pages

    • Re: Composite Control need write permisson
      ... If a control needs write access, then the permissions on the directory ... or has a process in place that let's you request particular ... Integrated Windows Authentication may cause some ...
      (microsoft.public.dotnet.framework.aspnet.buildingcontrols)
    • Re: CAS, Hosting in Internet Explorer
      ... If you've signed your control with a strong name you can use the allow ... partially trusted callers attribute then assert the permission you require ... group that gives the control the permissions it requires. ... > But if I evaluate it, my assembly get Fulltrust. ...
      (microsoft.public.dotnet.security)
    • RE: SecurityException "Request Failed"
      ... >LinkDemand extremely likely to fail. ... >>Does the invoked method have all the asserted permissions ... The stack walk will hit your assert, ...
      (microsoft.public.dotnet.security)
    • Re: CAS newbie
      ... It appears that you may need to assert more than ... If you are impersonating, then you will likely need to implement Kerberos ... Joe Kaplan-MS MVP Directory Services Programming ... code group to give full trust permissions to that dll. ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • Re: Security Settings to load Winform using unmanaged code in IE?
      ... try removing assembly declarations and see ... This posting is provided "AS IS" with no warranties, and confers no rights ... > The comment on Assert is important when insecure code is called - My ... > code DOES Assert privieleges when permissions are required. ...
      (microsoft.public.dotnet.security)