?
Solved

How to get an embedded winform usercontrol to work on a web page

Posted on 2009-07-07
12
Medium Priority
?
689 Views
Last Modified: 2013-12-17
I have a web page which contains a C#/ VB.Net embedded winform (.dll). If i set the code group membership condition to 'All Code'/ 'Zone - Local Intranet' and the permission set to 'Full Trust' then all works fine. As this is not ideal,  I have tried using  the membership 'stong name' (.snk) and 'Publisher' (Digital Sig), but both have failed.

With Strong Name i have created a key using:
sn -k MyKey.snk

... which i have added to my solution (Signing Tab in VS) and have then added to the assembly the attribute AssemblyKeyFileAttribute.
<Assembly: AssemblyKeyFileAttribute("..\..\MyKey.snk")>

I am using .Net Framework 2.0.

If you have any ideal what I have missed or have a better alternative could you please let me know. Thank you in advance.


Regards,

Gareth
0
Comment
Question by:solobutt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
12 Comments
 
LVL 9

Expert Comment

by:Rahul Goel ITIL
ID: 24792890
Why do you need...a windows user control on web.? You can create webusercontrol.
0
 

Author Comment

by:solobutt
ID: 24792972
Hi Rahu,

The reason for the Embedded Winform is due to an upgrade (rewrite) of a VB6 ActiveX which works on the client side. Any activity is logged back at the host (web server) . The .Net embedded winform works on the same principle, but unfortuntaley since version 2.0 of the .Net framework was released an extra level of security was added. I need to know how to work around this security.

A web usercontrol  is simply a combination of one or more HTML or server controls which is of no use.

Hope that helps explain my situation.

Gareth
0
 
LVL 11

Expert Comment

by:Agarici
ID: 24837957
how did you do it?

i'd add a new category under allCode and under condition type say "Strong name" (choose "import" from you specific dll) and then grant FullTrust to this new category.

hth,
A.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 

Author Comment

by:solobutt
ID: 24839318
Hi Agarici,

That's exactly what i've been doing both manually and programmatically, where I have tried what you suggested, as well as with Publisher (for digital signatures) and neither have worked. For your information the assembly contains FileIO and Reflection, which is what is being blocked.

Regards,

Gareth
0
 

Author Comment

by:solobutt
ID: 24848213
Having furthered my research, i have come across the following article which I have found very useful:

http://support.microsoft.com/kb/839300

The article discusses "How to use the AllowPartiallyTrustedCallers attribute to call an assembly that has a strong name from a Web page by using Visual C# .NET, Visual C# 2005 or later versions".

The solution in this article currently works with my test application, but at the moment still does not work with my actual application which I am currently looking into. Once I have diagnosed the problem I will add another entry and close the question.

using System.Reflection;
using System.IO;
using System.Security;
 
[assembly:AllowPartiallyTrustedCallers]
 
namespace UserControl
{
.......
.......

Open in new window

0
 

Author Comment

by:solobutt
ID: 24868292
With my application the .net security is causing to it fail in two places.

The first error I am getting is:
Request for the permission of type System.Net.WebPermission.&&&&&&& failed"
and the second error is
Request for the permission of type System.Security.Permissions.FileIOPermission&&&& failed

I have a solution to the System.Net..WebPermission" error which I have listed in the code snippet below, but have not found a solution to the "System.Security.Permissions.FileIOPermission" error.

Any ideas?




' Works for System.Net.WebPermission issue
Dim wp As New System.Net.WebPermission(System.Security.Permissions.PermissionState.Unrestricted)
wp.Assert()
 
 
'Does NOT work for System.Security.Permissions.FileIOPermissio
Dim filePerm As New Permissions.FileIOPermission(Permissions.FileIOPermissionAccess.Read, "C:\LOCATION")
filePerm.Demand()

Open in new window

0
 

Accepted Solution

by:
solobutt earned 0 total points
ID: 24880346
Having spent a week on this and having been in contact with Microsoft, who weren't particularly great, here is what you need to do and having seen many post like this with no solution I think this will be extremely useful to others.

This solution is based on using a strong key name (.snk) as part of the assembly and this is required to help secure the assembly.

1. Create a code group programmatically or manually onto the users machine based on the strong key name you create with your assembly.

2. Add the AllowPartiallyTrustedCallers attribute to your Main Class (See code snippet below)

An assembly that has a strong name can only be called by a fully trusted caller unless the assembly uses the AllowPartiallyTrustedCallers attribute

The following link specifies what assemblies the user can have access to with the AllowPartiallyTrustedCallers attribute:
http://msdn.microsoft.com/en-us/library/ms951290.aspx 

3. Any assemblies that the AllowPartiallyTrustedCallers attribute does not permit will require some declarative security with unrestricted access. As this access is application specific, and with the strong key name this should not open a big loop hole for hackers. This will need to be added to each class that requires access.

e.g.
<System.Net.WebPermission(System.Security.Permissions.SecurityAction.Assert, Unrestricted:=True)>
This grants access to HTTP Internet resources

I have now successfully tested my embedded winform application on both an Intranet and on the Internet. I hope what i've said makes sense and I hope it helps anyone having the same issue.

Refer to this article for additional assistance:
http://support.microsoft.com/kb/839300




Imports System.Security
 
<Assembly: AllowPartiallyTrustedCallers()> 
 
<System.Security.Permissions.PermissionSet(System.Security.Permissions.SecurityAction.Assert, Unrestricted:=True)> _
<System.Security.Permissions.UIPermission(System.Security.Permissions.SecurityAction.Assert, Unrestricted:=True)> _
<System.Net.WebPermission(System.Security.Permissions.SecurityAction.Assert, Unrestricted:=True)> _
Public Class MyClass

Open in new window

0
 
LVL 23

Expert Comment

by:Jens Fiederer
ID: 24880399
Thank you for posting all the information so well!  Nice work.
0

Featured Post

Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For those of you who don't follow the news, or just happen to live under rocks, Microsoft Research released a beta SDK (http://www.microsoft.com/en-us/download/details.aspx?id=27876) for the Xbox 360 Kinect. If you don't know what a Kinect is (http:…
A long time ago (May 2011), I have written an article showing you how to create a DLL using Visual Studio 2005 to be hosted in SQL Server 2005. That was valid at that time and it is still valid if you are still using these versions. You can still re…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question