Solved

How to get an embedded winform usercontrol to work on a web page

Posted on 2009-07-07
12
686 Views
Last Modified: 2013-12-17
I have a web page which contains a C#/ VB.Net embedded winform (.dll). If i set the code group membership condition to 'All Code'/ 'Zone - Local Intranet' and the permission set to 'Full Trust' then all works fine. As this is not ideal,  I have tried using  the membership 'stong name' (.snk) and 'Publisher' (Digital Sig), but both have failed.

With Strong Name i have created a key using:
sn -k MyKey.snk

... which i have added to my solution (Signing Tab in VS) and have then added to the assembly the attribute AssemblyKeyFileAttribute.
<Assembly: AssemblyKeyFileAttribute("..\..\MyKey.snk")>

I am using .Net Framework 2.0.

If you have any ideal what I have missed or have a better alternative could you please let me know. Thank you in advance.


Regards,

Gareth
0
Comment
Question by:solobutt
12 Comments
 
LVL 9

Expert Comment

by:Rahul Goel ITIL
ID: 24792890
Why do you need...a windows user control on web.? You can create webusercontrol.
0
 

Author Comment

by:solobutt
ID: 24792972
Hi Rahu,

The reason for the Embedded Winform is due to an upgrade (rewrite) of a VB6 ActiveX which works on the client side. Any activity is logged back at the host (web server) . The .Net embedded winform works on the same principle, but unfortuntaley since version 2.0 of the .Net framework was released an extra level of security was added. I need to know how to work around this security.

A web usercontrol  is simply a combination of one or more HTML or server controls which is of no use.

Hope that helps explain my situation.

Gareth
0
 
LVL 11

Expert Comment

by:Agarici
ID: 24837957
how did you do it?

i'd add a new category under allCode and under condition type say "Strong name" (choose "import" from you specific dll) and then grant FullTrust to this new category.

hth,
A.
0
Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

 

Author Comment

by:solobutt
ID: 24839318
Hi Agarici,

That's exactly what i've been doing both manually and programmatically, where I have tried what you suggested, as well as with Publisher (for digital signatures) and neither have worked. For your information the assembly contains FileIO and Reflection, which is what is being blocked.

Regards,

Gareth
0
 

Author Comment

by:solobutt
ID: 24848213
Having furthered my research, i have come across the following article which I have found very useful:

http://support.microsoft.com/kb/839300

The article discusses "How to use the AllowPartiallyTrustedCallers attribute to call an assembly that has a strong name from a Web page by using Visual C# .NET, Visual C# 2005 or later versions".

The solution in this article currently works with my test application, but at the moment still does not work with my actual application which I am currently looking into. Once I have diagnosed the problem I will add another entry and close the question.

using System.Reflection;
using System.IO;
using System.Security;
 
[assembly:AllowPartiallyTrustedCallers]
 
namespace UserControl
{
.......
.......

Open in new window

0
 

Author Comment

by:solobutt
ID: 24868292
With my application the .net security is causing to it fail in two places.

The first error I am getting is:
Request for the permission of type System.Net.WebPermission.&&&&&&& failed"
and the second error is
Request for the permission of type System.Security.Permissions.FileIOPermission&&&& failed

I have a solution to the System.Net..WebPermission" error which I have listed in the code snippet below, but have not found a solution to the "System.Security.Permissions.FileIOPermission" error.

Any ideas?




' Works for System.Net.WebPermission issue
Dim wp As New System.Net.WebPermission(System.Security.Permissions.PermissionState.Unrestricted)
wp.Assert()
 
 
'Does NOT work for System.Security.Permissions.FileIOPermissio
Dim filePerm As New Permissions.FileIOPermission(Permissions.FileIOPermissionAccess.Read, "C:\LOCATION")
filePerm.Demand()

Open in new window

0
 

Accepted Solution

by:
solobutt earned 0 total points
ID: 24880346
Having spent a week on this and having been in contact with Microsoft, who weren't particularly great, here is what you need to do and having seen many post like this with no solution I think this will be extremely useful to others.

This solution is based on using a strong key name (.snk) as part of the assembly and this is required to help secure the assembly.

1. Create a code group programmatically or manually onto the users machine based on the strong key name you create with your assembly.

2. Add the AllowPartiallyTrustedCallers attribute to your Main Class (See code snippet below)

An assembly that has a strong name can only be called by a fully trusted caller unless the assembly uses the AllowPartiallyTrustedCallers attribute

The following link specifies what assemblies the user can have access to with the AllowPartiallyTrustedCallers attribute:
http://msdn.microsoft.com/en-us/library/ms951290.aspx 

3. Any assemblies that the AllowPartiallyTrustedCallers attribute does not permit will require some declarative security with unrestricted access. As this access is application specific, and with the strong key name this should not open a big loop hole for hackers. This will need to be added to each class that requires access.

e.g.
<System.Net.WebPermission(System.Security.Permissions.SecurityAction.Assert, Unrestricted:=True)>
This grants access to HTTP Internet resources

I have now successfully tested my embedded winform application on both an Intranet and on the Internet. I hope what i've said makes sense and I hope it helps anyone having the same issue.

Refer to this article for additional assistance:
http://support.microsoft.com/kb/839300




Imports System.Security
 
<Assembly: AllowPartiallyTrustedCallers()> 
 
<System.Security.Permissions.PermissionSet(System.Security.Permissions.SecurityAction.Assert, Unrestricted:=True)> _
<System.Security.Permissions.UIPermission(System.Security.Permissions.SecurityAction.Assert, Unrestricted:=True)> _
<System.Net.WebPermission(System.Security.Permissions.SecurityAction.Assert, Unrestricted:=True)> _
Public Class MyClass

Open in new window

0
 
LVL 23

Expert Comment

by:Jens Fiederer
ID: 24880399
Thank you for posting all the information so well!  Nice work.
0

Featured Post

SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Performance in games development is paramount: every microsecond counts to be able to do everything in less than 33ms (aiming at 16ms). C# foreach statement is one of the worst performance killers, and here I explain why.
The article shows the basic steps of integrating an HTML theme template into an ASP.NET MVC project
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

697 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question