Solved

How to get an embedded winform usercontrol to work on a web page

Posted on 2009-07-07
12
687 Views
Last Modified: 2013-12-17
I have a web page which contains a C#/ VB.Net embedded winform (.dll). If i set the code group membership condition to 'All Code'/ 'Zone - Local Intranet' and the permission set to 'Full Trust' then all works fine. As this is not ideal,  I have tried using  the membership 'stong name' (.snk) and 'Publisher' (Digital Sig), but both have failed.

With Strong Name i have created a key using:
sn -k MyKey.snk

... which i have added to my solution (Signing Tab in VS) and have then added to the assembly the attribute AssemblyKeyFileAttribute.
<Assembly: AssemblyKeyFileAttribute("..\..\MyKey.snk")>

I am using .Net Framework 2.0.

If you have any ideal what I have missed or have a better alternative could you please let me know. Thank you in advance.


Regards,

Gareth
0
Comment
Question by:solobutt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
12 Comments
 
LVL 9

Expert Comment

by:Rahul Goel ITIL
ID: 24792890
Why do you need...a windows user control on web.? You can create webusercontrol.
0
 

Author Comment

by:solobutt
ID: 24792972
Hi Rahu,

The reason for the Embedded Winform is due to an upgrade (rewrite) of a VB6 ActiveX which works on the client side. Any activity is logged back at the host (web server) . The .Net embedded winform works on the same principle, but unfortuntaley since version 2.0 of the .Net framework was released an extra level of security was added. I need to know how to work around this security.

A web usercontrol  is simply a combination of one or more HTML or server controls which is of no use.

Hope that helps explain my situation.

Gareth
0
 
LVL 11

Expert Comment

by:Agarici
ID: 24837957
how did you do it?

i'd add a new category under allCode and under condition type say "Strong name" (choose "import" from you specific dll) and then grant FullTrust to this new category.

hth,
A.
0
Is Your Team Achieving Their Full Potential?

74% of employees feel they are not achieving their full potential. With Linux Academy, not only will you strengthen your team's core competencies but also their knowledge of of the newest IT topics.

With new material every week, we'll make sure that you stay ahead of the game.

 

Author Comment

by:solobutt
ID: 24839318
Hi Agarici,

That's exactly what i've been doing both manually and programmatically, where I have tried what you suggested, as well as with Publisher (for digital signatures) and neither have worked. For your information the assembly contains FileIO and Reflection, which is what is being blocked.

Regards,

Gareth
0
 

Author Comment

by:solobutt
ID: 24848213
Having furthered my research, i have come across the following article which I have found very useful:

http://support.microsoft.com/kb/839300

The article discusses "How to use the AllowPartiallyTrustedCallers attribute to call an assembly that has a strong name from a Web page by using Visual C# .NET, Visual C# 2005 or later versions".

The solution in this article currently works with my test application, but at the moment still does not work with my actual application which I am currently looking into. Once I have diagnosed the problem I will add another entry and close the question.

using System.Reflection;
using System.IO;
using System.Security;
 
[assembly:AllowPartiallyTrustedCallers]
 
namespace UserControl
{
.......
.......

Open in new window

0
 

Author Comment

by:solobutt
ID: 24868292
With my application the .net security is causing to it fail in two places.

The first error I am getting is:
Request for the permission of type System.Net.WebPermission.&&&&&&& failed"
and the second error is
Request for the permission of type System.Security.Permissions.FileIOPermission&&&& failed

I have a solution to the System.Net..WebPermission" error which I have listed in the code snippet below, but have not found a solution to the "System.Security.Permissions.FileIOPermission" error.

Any ideas?




' Works for System.Net.WebPermission issue
Dim wp As New System.Net.WebPermission(System.Security.Permissions.PermissionState.Unrestricted)
wp.Assert()
 
 
'Does NOT work for System.Security.Permissions.FileIOPermissio
Dim filePerm As New Permissions.FileIOPermission(Permissions.FileIOPermissionAccess.Read, "C:\LOCATION")
filePerm.Demand()

Open in new window

0
 

Accepted Solution

by:
solobutt earned 0 total points
ID: 24880346
Having spent a week on this and having been in contact with Microsoft, who weren't particularly great, here is what you need to do and having seen many post like this with no solution I think this will be extremely useful to others.

This solution is based on using a strong key name (.snk) as part of the assembly and this is required to help secure the assembly.

1. Create a code group programmatically or manually onto the users machine based on the strong key name you create with your assembly.

2. Add the AllowPartiallyTrustedCallers attribute to your Main Class (See code snippet below)

An assembly that has a strong name can only be called by a fully trusted caller unless the assembly uses the AllowPartiallyTrustedCallers attribute

The following link specifies what assemblies the user can have access to with the AllowPartiallyTrustedCallers attribute:
http://msdn.microsoft.com/en-us/library/ms951290.aspx 

3. Any assemblies that the AllowPartiallyTrustedCallers attribute does not permit will require some declarative security with unrestricted access. As this access is application specific, and with the strong key name this should not open a big loop hole for hackers. This will need to be added to each class that requires access.

e.g.
<System.Net.WebPermission(System.Security.Permissions.SecurityAction.Assert, Unrestricted:=True)>
This grants access to HTTP Internet resources

I have now successfully tested my embedded winform application on both an Intranet and on the Internet. I hope what i've said makes sense and I hope it helps anyone having the same issue.

Refer to this article for additional assistance:
http://support.microsoft.com/kb/839300




Imports System.Security
 
<Assembly: AllowPartiallyTrustedCallers()> 
 
<System.Security.Permissions.PermissionSet(System.Security.Permissions.SecurityAction.Assert, Unrestricted:=True)> _
<System.Security.Permissions.UIPermission(System.Security.Permissions.SecurityAction.Assert, Unrestricted:=True)> _
<System.Net.WebPermission(System.Security.Permissions.SecurityAction.Assert, Unrestricted:=True)> _
Public Class MyClass

Open in new window

0
 
LVL 23

Expert Comment

by:Jens Fiederer
ID: 24880399
Thank you for posting all the information so well!  Nice work.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Real-time is more about the business, not the technology. In day-to-day life, to make real-time decisions like buying or investing, business needs the latest information(e.g. Gold Rate/Stock Rate). Unlike traditional days, you need not wait for a fe…
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question