Re: security exception for aspx page

From: Joe Kaplan (MVP - ADSI) (joseph.e.kaplan_at_removethis.accenture.com)
Date: 11/22/04

    Date: Mon, 22 Nov 2004 14:42:27 -0600
    
    

    You can't just inherit, you have to wrap. The reason is that you must manually
    assert each permission that their code demands in order to block the stack
    walk. If their code demands a lot of permissions, this will be a pain.

    Essentially, you just create a permission object of the same type that is
    being demanded by the code lower down and call the Assert method before
    calling the method that causes their demand. Your assert will then block
    their demand. Make sure you call RevertAssert when you are done.

    HTH,

    Joe K.

    "GoCMS" <GoCMS@discussions.microsoft.com> wrote in message
    news:06345205-3035-47A3-B37B-07CF5298990D@microsoft.com...
    > About the second approach, I wrote a class that inherits the 3rd party
    > control, or just a class that delegates the functions to 3rd party control
    > functions. I also add APTCA attribute and put both of the assemblies ( my
    > wrapper and 3rd party one) into GAC. It still fails at the same place.
    > What
    > did I miss? ( Note: replace with my assembly doesn't eliminate the
    > reference
    > to the 3rd party control).
    > Thanks a bunch!
    >
    >
    > "Joe Kaplan (MVP - ADSI)" wrote:
    >
    >> Contact the vendor?
    >>
    >> Alternately, if it is strong named, you could put it in the GAC, then
    >> write
    >> a wrapper assembly that does have APTCA on it that talks to the control.
    >> Then, your code would talk to your wrapper which is also in the GAC, and
    >> thus would have full trust.
    >>
    >> Obviously, the first option is much less work :)
    >>
    >> Or, give up on partial trust for web development. That's what most of us
    >> do.
    >>
    >> Joe K.
    >>
    >> "GoCMS" <GoCMS@discussions.microsoft.com> wrote in message
    >> news:5E9C8325-1F83-47C1-A332-DFAFFA98E8D8@microsoft.com...
    >> > Thanks again! That's exactly what happens. The assembly provided
    >> > doesn't
    >> > have
    >> > APTCA. That is bad news. Even if I don't use it as a share point Web
    >> > Part,
    >> > I'm going to have trouble for any web application with trust level not
    >> > set
    >> > to
    >> > "Full". But on the other hand, I don't want to lower security level
    >> > just
    >> > to
    >> > use 3rd party DLL. What to do?
    >> > "Joe Kaplan (MVP - ADSI)" wrote:
    >> >
    >> >> The easiest way would be with Reflector or ILDasm. In reflector, you
    >> >> just
    >> >> load up the assembly and click on it. Then, hit space to reverse
    >> >> compile.
    >> >> You should see all the attributes at the assembly level in the
    >> >> decompilation. If APTCA is set, it will be in there.
    >> >>
    >> >> If it isn't set, you are going to have trouble using that control in
    >> >> SharePoint.
    >> >>
    >> >> Joe K.
    >> >>
    >> >> "GoCMS" <GoCMS@discussions.microsoft.com> wrote in message
    >> >> news:2CF2A027-EA49-4A45-8FAB-DC25F97DFAE2@microsoft.com...
    >> >> > Hi, Joe:
    >> >> > Thanks a lot for your help. You were right, when you said it
    >> >> > should
    >> >> > give
    >> >> > you the specific permission, I began to doubt it wasn't the problem
    >> >> > of
    >> >> > authenticateAsUser("adminUser"...)! I again narrowed it down, and
    >> >> > came
    >> >> > to
    >> >> > third-party control, called Obout tree view.
    >> >> > Before you read along, I want to ask if the third-party provided
    >> >> > assembly
    >> >> > doesn't set APTCA (AllowPartiallyTrustedCallersAttribute), is it
    >> >> > true
    >> >> > that
    >> >> > we
    >> >> > can't get away with partially trusted web application? How to find
    >> >> > out
    >> >> > if
    >> >> > their assembly doesn't set APTCA?
    >> >> >
    >> >> > See the exception below, it throws exception at Line 49,
    >> >> > DisplayPage
    >> >> > function. I made it very short and simple like
    >> >> > private void DisplayPage()
    >> >> > {
    >> >> > oTree = new obout_ASPTreeView_2_NET.Tree();
    >> >> > oTree.FolderIcons = "/TreeIcons/Icons";
    >> >> > oTree.FolderStyle = "/TreeIcons/Styles/Win2003";
    >> >> > oTree.ShowIcons = true;
    >> >> > oTree.SelectedEnable = false;
    >> >> > }
    >> >> > Exception Info.....
    >> >> > ***********************************************************
    >> >> > Description: The application attempted to perform an operation not
    >> >> > allowed
    >> >> > by the security policy. To grant this application the required
    >> >> > permission
    >> >> > please contact your system administrator or change the application's
    >> >> > trust
    >> >> > level in the configuration file.
    >> >> >
    >> >> > Exception Details: System.Security.SecurityException: Security
    >> >> > error.
    >> >> > Source Error:
    >> >> > Line 47: RebuildXMLFile();
    >> >> > Line 48:
    >> >> > Line 49: DisplayPage();
    >> >> > Line 50:
    >> >> > Line 51: RegisterButton.Attributes.Add("onClick", "ob_t2send();");
    >> >> > Source File: d:\inetpub\wwwroot\MyProject\MyFile.aspx.cs Line: 49
    >> >> > Stack Trace:
    >> >> > [SecurityException: Security error.]
    >> >> > MyNamespace.MyProject.MyFile.DisplayPage() +0
    >> >> > MyNamespace.MyProject.MyFile.Page_Load(Object sender, EventArgs e)
    >> >> > in
    >> >> > d:\inetpub\wwwroot\MyProject\MyFile.aspx.cs:49
    >> >> > System.Web.UI.Control.OnLoad(EventArgs e) +67
    >> >> > System.Web.UI.Control.LoadRecursive() +35
    >> >> > System.Web.UI.Page.ProcessRequestMain() +2112
    >> >> > System.Web.UI.Page.ProcessRequest() +218
    >> >> > System.Web.UI.Page.ProcessRequest(HttpContext context) +18
    >> >> >
    >> >> > System.Web.CallHandlerExecutionStep.System.Web.HttpApplication+IExecutionStep.Execute()
    >> >> > +179
    >> >> > System.Web.HttpApplication.ExecuteStep(IExecutionStep step,
    >> >> > Boolean&
    >> >> > completedSynchronously) +87
    >> >> > **********************************************************
    >> >> >
    >> >> > "Joe Kaplan (MVP - ADSI)" wrote:
    >> >> >
    >> >> >> I'm not sure about how CMS works with CAS, but if a security
    >> >> >> exception
    >> >> >> is
    >> >> >> being thrown, then there should be an indication of what the
    >> >> >> permission
    >> >> >> requirement is. Otherwise, try to get us more details. You might
    >> >> >> also
    >> >> >> try
    >> >> >> asking in one of the CMS groups.
    >> >> >>
    >> >> >> Joe K.
    >> >> >>
    >> >> >> "GoCMS" <GoCMS@discussions.microsoft.com> wrote in message
    >> >> >> news:765F2C4F-2578-4EDE-AB88-334376CF08BF@microsoft.com...
    >> >> >> > Forget about my previous post, I passed it.
    >> >> >> > Now I came to the REAL problem, it's actually complained when I
    >> >> >> > used
    >> >> >> > a
    >> >> >> > function from Microsoft.ContentManagement.Publishing.dll
    >> >> >> > CmsApplicationContext.AuthenticateAsUser(
    >> >> >> > "admin_user_for_CMS_site","password",PublishingMode.Published);
    >> >> >> >
    >> >> >> > I'm actually not sure what kind of permission it needs. It's not
    >> >> >> > even
    >> >> >> > part
    >> >> >> > of standard .net library.
    >> >> >> > Sorry for the confusion, I came a long way to get rid of all my
    >> >> >> > invalid
    >> >> >> > suspicion...
    >> >> >> >
    >> >> >> > "GoCMS" wrote:
    >> >> >> >
    >> >> >> >> Thanks again for your help. I guess it's me who lacks such
    >> >> >> >> security
    >> >> >> >> knowledge.
    >> >> >> >> In my Wss_MediumTrust.config file, ( just regard it as any
    >> >> >> >> customized
    >> >> >> >> policy
    >> >> >> >> file)
    >> >> >> >> I have:
    >> >> >> >> <PermissionSet
    >> >> >> >> class="NamedPermissionSet"
    >> >> >> >> version="1"
    >> >> >> >> Name="ASP.Net">
    >> >> >> >> <IPermission
    >> >> >> >> class="FileIOPermission"
    >> >> >> >> version="1"
    >> >> >> >> Read="$AppDir$"
    >> >> >> >> Write="$AppDir$"
    >> >> >> >> Append="$AppDir$"
    >> >> >> >> PathDiscovery="$AppDir$"
    >> >> >> >> />
    >> >> >> >> </PermissionSet>
    >> >> >> >> What I really want, besides the above, is the
    >> >> >> >> read/write/delete
    >> >> >> >> privilege for a particular file, say
    >> >> >> >> c:\inetpub\wwwroot\shared\My_File.txt.
    >> >> >> >>
    >> >> >> >> Thanks!
    >> >> >> >>
    >> >> >> >>
    >> >> >> >>
    >> >> >> >> "Joe Kaplan (MVP - ADSI)" wrote:
    >> >> >> >>
    >> >> >> >> > So, it is a FileIOPermission that isn't being granted? In
    >> >> >> >> > that
    >> >> >> >> > case,
    >> >> >> >> > you
    >> >> >> >> > need to make sure that the permission set you have grants that
    >> >> >> >> > required
    >> >> >> >> > access. You would need to look at what you are being granted
    >> >> >> >> > in
    >> >> >> >> > the
    >> >> >> >> > policy
    >> >> >> >> > and modify that. I'm not exactly sure where that is
    >> >> >> >> > configured
    >> >> >> >> > in
    >> >> >> >> > SharePoint though. Sorry I'm not too helpful here. Can you
    >> >> >> >> > show
    >> >> >> >> > any
    >> >> >> >> > more
    >> >> >> >> > info about the FileIOPermission that isn't being granted?
    >> >> >> >> >
    >> >> >> >> > The other option would be to perform the privileged operation
    >> >> >> >> > from
    >> >> >> >> > an
    >> >> >> >> > assembly that has higher permissions and Assert the required
    >> >> >> >> > permissions to
    >> >> >> >> > avoid the stack trace.
    >> >> >> >> >
    >> >> >> >> > Joe K.
    >> >> >> >> >
    >> >> >> >> > "GoCMS" <GoCMS@discussions.microsoft.com> wrote in message
    >> >> >> >> > news:65DAE916-21D7-42C5-86D0-78A4478416A1@microsoft.com...
    >> >> >> >> > > Thanks! It turns out, I guess, it's not a problem of
    >> >> >> >> > > calling
    >> >> >> >> > > 3rd
    >> >> >> >> > > party
    >> >> >> >> > > dll (
    >> >> >> >> > > or I haven't reached there). According to the stack trace,
    >> >> >> >> > > it
    >> >> >> >> > > fails
    >> >> >> >> > > where
    >> >> >> >> > > I
    >> >> >> >> > > tried to write to a file. So I guess I don't have the access
    >> >> >> >> > > to
    >> >> >> >> > > the
    >> >> >> >> > > file
    >> >> >> >> > > outside of virtual directory.
    >> >> >> >> > > So... how to grant unrestricted access to a specific file
    >> >> >> >> > > or
    >> >> >> >> > > directory in
    >> >> >> >> > > the Wss_MediumTrust.config file? For my case, I didn't put
    >> >> >> >> > > my
    >> >> >> >> > > code
    >> >> >> >> > > into an
    >> >> >> >> > > assembly, all my files are just aspx pages under
    >> >> >> >> > > inetput\wwwroot\My_Application directory.
    >> >> >> >> > >
    >> >> >> >> > > Many thanks!!
    >> >> >> >> > >
    >> >> >> >> > > "Joe Kaplan (MVP - ADSI)" wrote:
    >> >> >> >> > >
    >> >> >> >> > >> Well, the first thing to do is to try to figure out what
    >> >> >> >> > >> the
    >> >> >> >> > >> actual
    >> >> >> >> > >> permission that is being demanded is. Then, you have a few
    >> >> >> >> > >> options:
    >> >> >> >> > >>
    >> >> >> >> > >> - Modify policy to allow that permission to be granted
    >> >> >> >> > >> - Modify the assembly in the GAC to Assert that permission
    >> >> >> >> > >> before
    >> >> >> >> > >> the
    >> >> >> >> > >> demand is called so that the stack walk is stopped (note,
    >> >> >> >> > >> potential
    >> >> >> >> > >> security
    >> >> >> >> > >> risk here)
    >> >> >> >> > >> - Create your own assembly that goes in the GAC that wraps
    >> >> >> >> > >> their
    >> >> >> >> > >> assembly
    >> >> >> >> > >> and does the above mentioned Assert. Note the same
    >> >> >> >> > >> security
    >> >> >> >> > >> risk
    >> >> >> >> > >>
    >> >> >> >> > >> You might want to find some articles on CAS so that you get
    >> >> >> >> > >> a
    >> >> >> >> > >> better
    >> >> >> >> > >> feel
    >> >> >> >> > >> for what I'm talking about here as it can be somewhat
    >> >> >> >> > >> confusing
    >> >> >> >> > >> until you
    >> >> >> >> > >> get the hang of it.
    >> >> >> >> > >>
    >> >> >> >> > >> If you can find out what the actual permission that was
    >> >> >> >> > >> demanded
    >> >> >> >> > >> was
    >> >> >> >> > >> and
    >> >> >> >> > >> what the stack trace for the exception was, that would be
    >> >> >> >> > >> very
    >> >> >> >> > >> helpful
    >> >> >> >> > >> for
    >> >> >> >> > >> us to know.
    >> >> >> >> > >>
    >> >> >> >> > >> Joe K.
    >> >> >> >> > >>
    >> >> >> >> > >>
    >> >> >> >> > >> "GoCMS" <GoCMS@discussions.microsoft.com> wrote in message
    >> >> >> >> > >> news:6B2A6B2B-4507-455D-BCE8-9C11897357BF@microsoft.com...
    >> >> >> >> > >> > Since I'm rather new on ASP.net or share point web part
    >> >> >> >> > >> > security,
    >> >> >> >> > >> > I
    >> >> >> >> > >> > wonder
    >> >> >> >> > >> > what will be the standard steps( & configuration entries)
    >> >> >> >> > >> > to
    >> >> >> >> > >> > make
    >> >> >> >> > >> > third
    >> >> >> >> > >> > party
    >> >> >> >> > >> > DLL accessible. The articles I'm reading on internet only
    >> >> >> >> > >> > addresses
    >> >> >> >> > >> > cases
    >> >> >> >> > >> > when user put their own developed ASP.NET assemblies into
    >> >> >> >> > >> > GAC.
    >> >> >> >> > >> > Thanks a lot.
    >> >> >> >> > >> >
    >> >> >> >> > >> > "Joe Kaplan (MVP - ADSI)" wrote:
    >> >> >> >> > >> >
    >> >> >> >> > >> >> Are you sure the third party DLL isn't allowing a full
    >> >> >> >> > >> >> demand
    >> >> >> >> > >> >> for
    >> >> >> >> > >> >> a
    >> >> >> >> > >> >> permission to go up the stack? Just because it is in
    >> >> >> >> > >> >> the
    >> >> >> >> > >> >> GAC
    >> >> >> >> > >> >> and
    >> >> >> >> > >> >> it
    >> >> >> >> > >> >> has
    >> >> >> >> > >> >> Full Trust doesn't mean that some code it is using won't
    >> >> >> >> > >> >> trigger
    >> >> >> >> > >> >> a
    >> >> >> >> > >> >> Demand
    >> >> >> >> > >> >> that results in a full stack walk which would then fail
    >> >> >> >> > >> >> in
    >> >> >> >> > >> >> your
    >> >> >> >> > >> >> code
    >> >> >> >> > >> >> which
    >> >> >> >> > >> >> is partially trusted.
    >> >> >> >> > >> >>
    >> >> >> >> > >> >> Without knowing more details on the exception, it would
    >> >> >> >> > >> >> be
    >> >> >> >> > >> >> hard
    >> >> >> >> > >> >> to
    >> >> >> >> > >> >> know
    >> >> >> >> > >> >> exactly what the problem is, but I suspect it is
    >> >> >> >> > >> >> something
    >> >> >> >> > >> >> along
    >> >> >> >> > >> >> those
    >> >> >> >> > >> >> lines.
    >> >> >> >> > >> >>
    >> >> >> >> > >> >> Joe K.
    >> >> >> >> > >> >>
    >> >> >> >> > >> >> "GoCMS" <GoCMS@discussions.microsoft.com> wrote in
    >> >> >> >> > >> >> message
    >> >> >> >> > >> >> news:095F0E58-0588-4CF3-A520-BF9FB72A6F08@microsoft.com...
    >> >> >> >> > >> >> > The message is not detailed enough though, as follows:
    >> >> >> >> > >> >> >
    >> >> >> >> > >> >> > Security Exception Description: The application
    >> >> >> >> > >> >> > attempted
    >> >> >> >> > >> >> > to
    >> >> >> >> > >> >> > perform
    >> >> >> >> > >> >> > an
    >> >> >> >> > >> >> > operation not allowed by the security policy. To grant
    >> >> >> >> > >> >> > this application the required permission please
    >> >> >> >> > >> >> > contact
    >> >> >> >> > >> >> > your system administrator or change the application's
    >> >> >> >> > >> >> > trust level in the configuration file.
    >> >> >> >> > >> >> >
    >> >> >> >> > >> >> > Exception Details:
    >> >> >> >> > >> >> > System.Security.SecurityException:Security
    >> >> >> >> > >> >> > Error
    >> >> >> >> > >> >> >
    >> >> >> >> > >> >> >
    >> >> >> >> > >> >> > "Nicole Calinoiu" wrote:
    >> >> >> >> > >> >> >
    >> >> >> >> > >> >> >> What is the exception message or, even better, its
    >> >> >> >> > >> >> >> full
    >> >> >> >> > >> >> >> details (as
    >> >> >> >> > >> >> >> returned
    >> >> >> >> > >> >> >> by its ToString method)?
    >> >> >> >> > >> >> >>
    >> >> >> >> > >> >> >>
    >> >> >> >> > >> >> >> "GoCMS" <GoCMS@discussions.microsoft.com> wrote in
    >> >> >> >> > >> >> >> message
    >> >> >> >> > >> >> >> news:3DBB444B-3A4A-419D-A61A-8E281CBE1CA3@microsoft.com...
    >> >> >> >> > >> >> >> > hi, there:
    >> >> >> >> > >> >> >> > I was developing a new page for a web part
    >> >> >> >> > >> >> >> > project.
    >> >> >> >> > >> >> >> > My
    >> >> >> >> > >> >> >> > page
    >> >> >> >> > >> >> >> > keeps
    >> >> >> >> > >> >> >> > on
    >> >> >> >> > >> >> >> > getting security exception whereas other pages in
    >> >> >> >> > >> >> >> > the
    >> >> >> >> > >> >> >> > same
    >> >> >> >> > >> >> >> > project
    >> >> >> >> > >> >> >> > don't.
    >> >> >> >> > >> >> >> > I
    >> >> >> >> > >> >> >> > set the security level to be WSS_MediumTrust level.
    >> >> >> >> > >> >> >> > I
    >> >> >> >> > >> >> >> > wasn't
    >> >> >> >> > >> >> >> > using
    >> >> >> >> > >> >> >> > any
    >> >> >> >> > >> >> >> > database connection, but I was using a third party
    >> >> >> >> > >> >> >> > DLL(
    >> >> >> >> > >> >> >> > which is
    >> >> >> >> > >> >> >> > already
    >> >> >> >> > >> >> >> > signed and put into GAC).
    >> >> >> >> > >> >> >> >
    >> >> >> >> > >> >> >> > I add the third party assembly into the project
    >> >> >> >> > >> >> >> > web.config.
    >> >> >> >> > >> >> >> > I also add the following section into
    >> >> >> >> > >> >> >> > WSS_MediumTrust.config
    >> >> >> >> > >> >> >> > file.
    >> >> >> >> > >> >> >> > <CodeGroup class="UnionCodeGroup" version="1"
    >> >> >> >> > >> >> >> > PermissionSetName="FullTrust">
    >> >> >> >> > >> >> >> > <IMembershipCondition
    >> >> >> >> > >> >> >> > class="StrongNameMembershipCondition"
    >> >> >> >> > >> >> >> > version="1" PublicKeyBlob="public key for 3rd
    >> >> >> >> > >> >> >> > party
    >> >> >> >> > >> >> >> > assembly"/>
    >> >> >> >> > >> >> >> > </CodeGroup>
    >> >> >> >> > >> >> >> >
    >> >> >> >> > >> >> >> > Any other ideas? Thanks a LOT!
    >>
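
The wrap-and-assert pattern described in the reply at the top of this thread, as an added example that is not part of the original posts. It targets .NET Framework. `VendorTree` is a hypothetical stand-in for the third-party control, and the demanded permission (read access via `FileIOPermission`) and the `IconDir` path are assumptions, since the thread never identifies the actual demand.

```csharp
// Added illustration; CAS stack walks are only enforced on .NET Framework.
using System;
using System.Security;
using System.Security.Permissions;

// Lets partially trusted pages call this strong-named, GAC-installed wrapper.
[assembly: AllowPartiallyTrustedCallers]

namespace WrapperExample
{
    // Hypothetical stand-in for the vendor control: it demands read access
    // to its icon folder, which starts a full stack walk.
    public class VendorTree
    {
        public string FolderIcons;

        public void Render()
        {
            new FileIOPermission(FileIOPermissionAccess.Read, FolderIcons).Demand();
            // ... vendor rendering work would happen here ...
        }
    }

    // Wrapper: the only type the partially trusted page talks to.
    public sealed class TreeWrapper
    {
        // Assumed location. Fixed inside the wrapper and never taken from the
        // caller, so the assert cannot be steered toward other paths.
        private const string IconDir = @"C:\Inetpub\wwwroot\TreeIcons\Icons";

        public void Render()
        {
            VendorTree tree = new VendorTree();
            tree.FolderIcons = IconDir;

            // Same permission type as the one demanded lower down,
            // scoped to read access on a single directory.
            FileIOPermission perm =
                new FileIOPermission(FileIOPermissionAccess.Read, IconDir);
            perm.Assert();          // stack walk stops at this frame
            try
            {
                tree.Render();      // the vendor demand is satisfied here
            }
            finally
            {
                // Always remove the assert, even if the vendor call throws.
                CodeAccessPermission.RevertAssert();
            }
        }
    }
}
```

Each distinct permission the wrapped code demands needs its own narrowly scoped assert like this one; asserting a broad or caller-controlled permission is the security risk noted earlier in the thread.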

