Solved

How to get an embedded winform usercontrol to work on a web page

Posted on 2009-07-07
12
683 Views
Last Modified: 2013-12-17
I have a web page which contains a C#/ VB.Net embedded winform (.dll). If i set the code group membership condition to 'All Code'/ 'Zone - Local Intranet' and the permission set to 'Full Trust' then all works fine. As this is not ideal,  I have tried using  the membership 'stong name' (.snk) and 'Publisher' (Digital Sig), but both have failed.

With Strong Name i have created a key using:
sn -k MyKey.snk

... which i have added to my solution (Signing Tab in VS) and have then added to the assembly the attribute AssemblyKeyFileAttribute.
<Assembly: AssemblyKeyFileAttribute("..\..\MyKey.snk")>

I am using .Net Framework 2.0.

If you have any ideal what I have missed or have a better alternative could you please let me know. Thank you in advance.


Regards,

Gareth
0
Comment
Question by:solobutt
12 Comments
 
LVL 9

Expert Comment

by:Rahul Goel
Comment Utility
Why do you need...a windows user control on web.? You can create webusercontrol.
0
 

Author Comment

by:solobutt
Comment Utility
Hi Rahu,

The reason for the Embedded Winform is due to an upgrade (rewrite) of a VB6 ActiveX which works on the client side. Any activity is logged back at the host (web server) . The .Net embedded winform works on the same principle, but unfortuntaley since version 2.0 of the .Net framework was released an extra level of security was added. I need to know how to work around this security.

A web usercontrol  is simply a combination of one or more HTML or server controls which is of no use.

Hope that helps explain my situation.

Gareth
0
 
LVL 11

Expert Comment

by:Agarici
Comment Utility
how did you do it?

i'd add a new category under allCode and under condition type say "Strong name" (choose "import" from you specific dll) and then grant FullTrust to this new category.

hth,
A.
0
 

Author Comment

by:solobutt
Comment Utility
Hi Agarici,

That's exactly what i've been doing both manually and programmatically, where I have tried what you suggested, as well as with Publisher (for digital signatures) and neither have worked. For your information the assembly contains FileIO and Reflection, which is what is being blocked.

Regards,

Gareth
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 

Author Comment

by:solobutt
Comment Utility
Having furthered my research, i have come across the following article which I have found very useful:

http://support.microsoft.com/kb/839300

The article discusses "How to use the AllowPartiallyTrustedCallers attribute to call an assembly that has a strong name from a Web page by using Visual C# .NET, Visual C# 2005 or later versions".

The solution in this article currently works with my test application, but at the moment still does not work with my actual application which I am currently looking into. Once I have diagnosed the problem I will add another entry and close the question.

using System.Reflection;

using System.IO;

using System.Security;
 

[assembly:AllowPartiallyTrustedCallers]
 

namespace UserControl

{

.......

.......

Open in new window

0
 

Author Comment

by:solobutt
Comment Utility
With my application the .net security is causing to it fail in two places.

The first error I am getting is:
Request for the permission of type System.Net.WebPermission.&&&&&&& failed"
and the second error is
Request for the permission of type System.Security.Permissions.FileIOPermission&&&& failed

I have a solution to the System.Net..WebPermission" error which I have listed in the code snippet below, but have not found a solution to the "System.Security.Permissions.FileIOPermission" error.

Any ideas?




' Works for System.Net.WebPermission issue

Dim wp As New System.Net.WebPermission(System.Security.Permissions.PermissionState.Unrestricted)

wp.Assert()
 
 

'Does NOT work for System.Security.Permissions.FileIOPermissio

Dim filePerm As New Permissions.FileIOPermission(Permissions.FileIOPermissionAccess.Read, "C:\LOCATION")

filePerm.Demand()

Open in new window

0
 

Accepted Solution

by:
solobutt earned 0 total points
Comment Utility
Having spent a week on this and having been in contact with Microsoft, who weren't particularly great, here is what you need to do and having seen many post like this with no solution I think this will be extremely useful to others.

This solution is based on using a strong key name (.snk) as part of the assembly and this is required to help secure the assembly.

1. Create a code group programmatically or manually onto the users machine based on the strong key name you create with your assembly.

2. Add the AllowPartiallyTrustedCallers attribute to your Main Class (See code snippet below)

An assembly that has a strong name can only be called by a fully trusted caller unless the assembly uses the AllowPartiallyTrustedCallers attribute

The following link specifies what assemblies the user can have access to with the AllowPartiallyTrustedCallers attribute:
http://msdn.microsoft.com/en-us/library/ms951290.aspx

3. Any assemblies that the AllowPartiallyTrustedCallers attribute does not permit will require some declarative security with unrestricted access. As this access is application specific, and with the strong key name this should not open a big loop hole for hackers. This will need to be added to each class that requires access.

e.g.
<System.Net.WebPermission(System.Security.Permissions.SecurityAction.Assert, Unrestricted:=True)>
This grants access to HTTP Internet resources

I have now successfully tested my embedded winform application on both an Intranet and on the Internet. I hope what i've said makes sense and I hope it helps anyone having the same issue.

Refer to this article for additional assistance:
http://support.microsoft.com/kb/839300




Imports System.Security
 

<Assembly: AllowPartiallyTrustedCallers()> 
 

<System.Security.Permissions.PermissionSet(System.Security.Permissions.SecurityAction.Assert, Unrestricted:=True)> _

<System.Security.Permissions.UIPermission(System.Security.Permissions.SecurityAction.Assert, Unrestricted:=True)> _

<System.Net.WebPermission(System.Security.Permissions.SecurityAction.Assert, Unrestricted:=True)> _

Public Class MyClass

Open in new window

0
 
LVL 23

Expert Comment

by:Jens Fiederer
Comment Utility
Thank you for posting all the information so well!  Nice work.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Suggested Solutions

A long time ago (May 2011), I have written an article showing you how to create a DLL using Visual Studio 2005 to be hosted in SQL Server 2005. That was valid at that time and it is still valid if you are still using these versions. You can still re…
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now