How to get an embedded winform usercontrol to work on a web page

I have a web page which contains a C#/ VB.Net embedded winform (.dll). If i set the code group membership condition to 'All Code'/ 'Zone - Local Intranet' and the permission set to 'Full Trust' then all works fine. As this is not ideal,  I have tried using  the membership 'stong name' (.snk) and 'Publisher' (Digital Sig), but both have failed.

With Strong Name i have created a key using:
sn -k MyKey.snk

... which i have added to my solution (Signing Tab in VS) and have then added to the assembly the attribute AssemblyKeyFileAttribute.
<Assembly: AssemblyKeyFileAttribute("..\..\MyKey.snk")>

I am using .Net Framework 2.0.

If you have any ideal what I have missed or have a better alternative could you please let me know. Thank you in advance.


Regards,

Gareth
solobuttAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Rahul Goel ITILSenior Consultant - DeloitteCommented:
Why do you need...a windows user control on web.? You can create webusercontrol.
0
solobuttAuthor Commented:
Hi Rahu,

The reason for the Embedded Winform is due to an upgrade (rewrite) of a VB6 ActiveX which works on the client side. Any activity is logged back at the host (web server) . The .Net embedded winform works on the same principle, but unfortuntaley since version 2.0 of the .Net framework was released an extra level of security was added. I need to know how to work around this security.

A web usercontrol  is simply a combination of one or more HTML or server controls which is of no use.

Hope that helps explain my situation.

Gareth
0
AgariciCommented:
how did you do it?

i'd add a new category under allCode and under condition type say "Strong name" (choose "import" from you specific dll) and then grant FullTrust to this new category.

hth,
A.
0
CompTIA Network+

Prepare for the CompTIA Network+ exam by learning how to troubleshoot, configure, and manage both wired and wireless networks.

solobuttAuthor Commented:
Hi Agarici,

That's exactly what i've been doing both manually and programmatically, where I have tried what you suggested, as well as with Publisher (for digital signatures) and neither have worked. For your information the assembly contains FileIO and Reflection, which is what is being blocked.

Regards,

Gareth
0
solobuttAuthor Commented:
Having furthered my research, i have come across the following article which I have found very useful:

http://support.microsoft.com/kb/839300

The article discusses "How to use the AllowPartiallyTrustedCallers attribute to call an assembly that has a strong name from a Web page by using Visual C# .NET, Visual C# 2005 or later versions".

The solution in this article currently works with my test application, but at the moment still does not work with my actual application which I am currently looking into. Once I have diagnosed the problem I will add another entry and close the question.

using System.Reflection;
using System.IO;
using System.Security;
 
[assembly:AllowPartiallyTrustedCallers]
 
namespace UserControl
{
.......
.......

Open in new window

0
solobuttAuthor Commented:
With my application the .net security is causing to it fail in two places.

The first error I am getting is:
Request for the permission of type System.Net.WebPermission.&&&&&&& failed"
and the second error is
Request for the permission of type System.Security.Permissions.FileIOPermission&&&& failed

I have a solution to the System.Net..WebPermission" error which I have listed in the code snippet below, but have not found a solution to the "System.Security.Permissions.FileIOPermission" error.

Any ideas?




' Works for System.Net.WebPermission issue
Dim wp As New System.Net.WebPermission(System.Security.Permissions.PermissionState.Unrestricted)
wp.Assert()
 
 
'Does NOT work for System.Security.Permissions.FileIOPermissio
Dim filePerm As New Permissions.FileIOPermission(Permissions.FileIOPermissionAccess.Read, "C:\LOCATION")
filePerm.Demand()

Open in new window

0
solobuttAuthor Commented:
Having spent a week on this and having been in contact with Microsoft, who weren't particularly great, here is what you need to do and having seen many post like this with no solution I think this will be extremely useful to others.

This solution is based on using a strong key name (.snk) as part of the assembly and this is required to help secure the assembly.

1. Create a code group programmatically or manually onto the users machine based on the strong key name you create with your assembly.

2. Add the AllowPartiallyTrustedCallers attribute to your Main Class (See code snippet below)

An assembly that has a strong name can only be called by a fully trusted caller unless the assembly uses the AllowPartiallyTrustedCallers attribute

The following link specifies what assemblies the user can have access to with the AllowPartiallyTrustedCallers attribute:
http://msdn.microsoft.com/en-us/library/ms951290.aspx 

3. Any assemblies that the AllowPartiallyTrustedCallers attribute does not permit will require some declarative security with unrestricted access. As this access is application specific, and with the strong key name this should not open a big loop hole for hackers. This will need to be added to each class that requires access.

e.g.
<System.Net.WebPermission(System.Security.Permissions.SecurityAction.Assert, Unrestricted:=True)>
This grants access to HTTP Internet resources

I have now successfully tested my embedded winform application on both an Intranet and on the Internet. I hope what i've said makes sense and I hope it helps anyone having the same issue.

Refer to this article for additional assistance:
http://support.microsoft.com/kb/839300




Imports System.Security
 
<Assembly: AllowPartiallyTrustedCallers()> 
 
<System.Security.Permissions.PermissionSet(System.Security.Permissions.SecurityAction.Assert, Unrestricted:=True)> _
<System.Security.Permissions.UIPermission(System.Security.Permissions.SecurityAction.Assert, Unrestricted:=True)> _
<System.Net.WebPermission(System.Security.Permissions.SecurityAction.Assert, Unrestricted:=True)> _
Public Class MyClass

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Jens FiedererTest Developer/ValidatorCommented:
Thank you for posting all the information so well!  Nice work.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
.NET Programming

From novice to tech pro — start learning today.