HELP! Request for the permission of type System.Net.WebPermission

I've built a module for DotNetNuke which uses a 3rd party component for converting rich text to HTML. I've used this component on the same machine and from other wb apps, but encounter this error when calling a function that uses the component from within DotNetNuke.

I've tried to set the trust level in the web.config file in the DotNetNuke directory, but no luck.
Changed
<trust level="Medium" originUrl="http://localhost/.*" />
to
<trust level="Full" originUrl="http://localhost/.*" />
and
<trust level="Full" originUrl="" />

Is there something else I need to do like register in the GAC or something? I'm using ASP.NET with VB.NET for Visual Studio 2003. I'm working on a Windows XP box, but will be deploying to Windows 2003 Server. The more detailed instructions to resolve this issue, the better, thanks in advance.
LVL 1
jeremypettitAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jeremypettitAuthor Commented:
Here is the error I receive when calling on the component.


Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type System.Net.WebPermission, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.

NetSlutCommented:
you can give an assembly FullTrust with the "Wizards Microsoft .NET Framework 1.1"
located in configuration panel > system administration > Wizards Microsoft .NET Framework 1.1 > Trust an assembly


This is necessary when for example you have a smart client that wants to read or write data from the client machine.
DevastatedCommented:
You can use a WebPermission to provide either restricted or unrestricted access to a resource, based on the PermissionState set when the WebPermission is created.

It seems like dnn restricts thiers... by the way are you adding the module the usual method? - or attempting to alter dnn itself ?

Some good examples here http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/frlrfsystemnetwebpermissionclasstopic.asp

hope this helps.
Learn Ruby Fundamentals

This course will introduce you to Ruby, as well as teach you about classes, methods, variables, data structures, loops, enumerable methods, and finishing touches.

DevastatedCommented:
p.s. just found one of the dnn coders blogs that explains the problem and tells you where to find the docs they wrote up on the matter... http://developers.ie/blogs/cconnolly/

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jeremypettitAuthor Commented:
Thanks for the link, Devastated!

I already had the line of code in the web.config file,
<trust level="Medium" originUrl="http://localhost/.*" />
This allows DNN to run a web service under Medium security, but my web service was under a different domain. The article states that you can add one additional domain in web.config, but I found that you can only have one, and you must have the domain of the DNN install listed for DNN to run. (Use localhost if you have several domain names pointing to same DNN install.)

If I have a webservice that is not on the same domain, it doesn't like it, and the article explains that in order to have multiple trusted domains for web services, one would have to either edit the machine.config file or medium.config file.


Adding multiple additional domains
It's possible to add other allowed origins, but this requires access to the machine.config file, which is not always possible in shared hosting scenarios. If you have access to the file, then add the additional domains in the following format to the webpermission node.
<IPermission class="WebPermission" version="1">
  <ConnectAccess>
    <URI uri="$OriginHost$"/>
    <URI uri="http://www.somesite.com/.*"/>
    <URI uri="http://servername/.*"/>
    <URI uri="http://127.0.0.1/.*"/>
  </ConnectAccess>
</IPermission>

Allowing unlimited domains via policy changes
It is possible to alter the medium.config file to enabled all webservices. To do this open the medium.config file, and alter the webpermission block from
  <IPermission
                      class="WebPermission"
                      version="1">
                       <ConnectAccess>
                                    <URI uri="$OriginHost$"/>
                       </ConnectAccess>
</IPermission>

to

<IPermission
                    class="WebPermission"
                    version="1"
                    Unrestricted="true"/>


Now, this all sucks the big one if you are using a few modules that all link to different web services, or have a hosted DNN solution, because the machine.config and medium.config files are not accessible to everybody. We host our own web apps, but the network admins don't like to give us programmers priveleges to squat. (Took forever to convince the ones at our company to give us admin rights to our own machines) But there was something else in this article. You can create your own policy and reference it in the web.config file.

To create a custom policy, copy the web_mediumtrust.config file, and rename the copied file e.g. web_mymedium.config. Next, alter the file as per the settings above (or any other settings you wish to alter). Finally, you will have to edit the machine.config file , and declare the new trust level e.g.
<trustLevel name="MyMedium" policyFile="web_mymedium.config"/>
Now this policy can be specified either via the machine.config or web.config.

I haven't dug into this too much, for I was able to get working what I needed at the moment, but if it's possible to specify a location of the custom policy then one could have it accessible in their web directory, or other share/location. I think this would be a good idea for a DNN module or even introduced into the core, to edit a custom DNN policy to add additional web services.
jeremypettitAuthor Commented:
NetSlut, DNN is controlling the security for objects, whether it be a web service or dll. I found that out by trying to bump up trust for assemblies already. ; )
jeremypettitAuthor Commented:
BTW, Devastated, following up to all posts. I am not modifying DNN, but creating a new module and creating a private assembly and uploading through DNN GUI, where the call to my component fails.

I did make one change, by creating a webservice to call on the component, where I could configure the web service to work with DNN under Medium trust via the info found from the link you posted.
DevastatedCommented:
having been a network admin with a nightmare programmer that i swear got upto allsorts while i was away at meetings and a web developer for several years i can understand the need to create logical gaps in security - hehe...

that very point which leads me to wonder if this could be exploited by some unscrupulous programmer, so essentially its allowing you to bypass some of the restrictions network admins place on you eh? hmmmmm *ponders the meaning of life (i guess that statement relies upon the NA's knowing what you want to do with the machine.config in the first place - as if :p )
jeremypettitAuthor Commented:
Oh, I totally understand the need to keep these areas seperate. I've brought us down once, and they never let me forget it...Until the next guy did it. LOL! Just an innocent rivalry. They used to threaten to take away our rights, and we threatened to smash their tapes. Thanks again!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ASP.NET

From novice to tech pro — start learning today.