Solved

How do i set my web.config so that one of my assemblies will allow partially trusted callers?

Posted on 2011-09-12
8
800 Views
Last Modified: 2012-05-12
I've uploaded my (VS 2010 ASP .NET 3.5 [C#]) web application / site to goDaddy. I'm exeriencing a System.Security.SecurityException, and I need to set my web.config so that an assembly will allow partially trusted callers. How / where do I set / configure this in my web.config. All of the examples I've seen only show snippets of the web.config and I'm still getting errors etc. So If someone can point me to an example of a complete web config so I can see exactly what section this <trustlevel> needs to go in, it would be appreciated. I'm including my current web.config file so please feel free to drop it right in there if you'd like.

<?xml version="1.0"?>
<!-- 
    Note: As an alternative to hand editing this file you can use the 
    web admin tool to configure settings for your application. Use
    the Website->Asp.Net Configuration option in Visual Studio.
    A full list of settings and comments can be found in 
    machine.config.comments usually located in 
    \Windows\Microsoft.Net\Framework\vx.x\Config 
-->
<configuration>
  <!--<system.web>
    <customErrors mode="Off"/>
    <compilation debug="true"/>
  </system.web>-->

  <configSections>
    <section name="exceptionHandling"
     type="Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Configuration.ExceptionHandlingSettings,
     Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=5.0.414.0, Culture=neutral,
     PublicKeyToken=31bf3856ad364e35" />

    <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup,
      System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">

      <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions,
      Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">

        <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection,
        System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"
        requirePermission="false" allowDefinition="MachineToApplication"/>

          <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup,
          System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">

          <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection,
          System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"
          requirePermission="false" allowDefinition="Everywhere"/>

          <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection,
          System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"
          requirePermission="false" allowDefinition="MachineToApplication"/>

          <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection,
          System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"
          requirePermission="false" allowDefinition="MachineToApplication"/>

          <section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection,
          System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"
          requirePermission="false" allowDefinition="MachineToApplication"/>

        </sectionGroup>

      </sectionGroup>

    </sectionGroup>

  </configSections>

  <appSettings>
    <add key="SuperManRoleName" value="QUSuperMan"/>
  </appSettings>

  <exceptionHandling>
    <exceptionPolicies>
      <add name="GeneralException">
        <exceptionTypes>
          <add type="System.Exception, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
          postHandlingAction="NotifyRethrow" name="Exception">
            <exceptionHandlers>
              <add type="StudyTimeTracker.Enterprise.ExceptionHandling.SqlCustomExceptionHandler,
              StudyTimeTracker.Enterprise,
              Version=1.0.0.0, Culture=neutral, PublicKeyToken=08a7298f29b59f5a" name="Custom Handler" /> 
            </exceptionHandlers>
          </add>
        </exceptionTypes>
      </add>
      <add name="CriticalException">
        <exceptionTypes>
          <add type="System.Exception, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
          postHandlingAction="NotifyRethrow" name="Exception">
            <exceptionHandlers>
              <add type="StudyTimeTracker.Enterprise.ExceptionHandling.SqlCustomExceptionHandler, 
              StudyTimeTracker.Enterprise,
              Version=1.0.0.0, Culture=neutral, PublicKeyToken=08a7298f29b59f5a" name="Custom Handler" />
            </exceptionHandlers>
          </add>
        </exceptionTypes>
      </add>
    </exceptionPolicies>
  </exceptionHandling>

  <connectionStrings>
    <add name="SQLExpress" connectionString="Data Source=.\sqlexpress;Initial Catalog=myCatalog;
    User=myUserID;Password=mypassword" providerName="System.Data.SqlClient"/>
  </connectionStrings>
  <system.web>
    <!-- 
            Set compilation debug="true" to insert debugging 
            symbols into the compiled page. Because this 
            affects performance, set this value to true only 
            during development.
        -->

    <customErrors mode="Off"/>
    <compilation debug="true">
      <assemblies>
        <!--<add assembly="Microsoft.Office.Interop.Excel, Version=12.0.0.0, Culture=neutral,
          PublicKeyToken=71E9BCE111E9429C"/>-->
        <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
        <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
        <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
        <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral,
          PublicKeyToken=B77A5C561934E089"/>
      </assemblies>
    </compilation>
    <authentication mode="Forms">
      <!--<forms loginUrl="~/Admin/Login.aspx" defaultUrl="~/Default.aspx"/>-->
      <!--<forms loginUrl="~/Login.aspx" defaultUrl="~/Default.aspx"/>-->
    </authentication>
    <!--
            The <authentication> section enables configuration 
            of the security authentication mode used by 
            ASP.NET to identify an incoming user. 
        -->
    <!--
            The <customErrors> section enables configuration 
            of what to do if/when an unhandled error occurs 
            during the execution of a request. Specifically, 
            it enables developers to configure html error pages 
            to be displayed in place of a error stack trace.

        <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
            <error statusCode="403" redirect="NoAccess.htm" />
            <error statusCode="404" redirect="FileNotFound.htm" />
        </customErrors>
        -->
    <pages>
      <controls>
        <add tagPrefix="ajaxToolkit" namespace="AjaxControlToolkit" assembly="AjaxControlToolkit"/>
        <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0,
          Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
        <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0,
          Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
      </controls>
    </pages>

    <roleManager enabled="true" defaultProvider="DefaultRoleProvider" cacheRolesInCookie="true"
      cookieName=".ASPROLES">
      <providers>
        <add name="DefaultRoleProvider" type="System.Web.Security.SqlRoleProvider"
          applicationName="studytimetrackerprime" connectionStringName="SQLExpress"/>
        <!--<add name="XmlProvider" dataStorePath="App_Data" type="XmlProviders.XmlRoleProvider"
              applicationName="magnumproducts.com"/>-->
      </providers>
    </roleManager>

    <membership defaultProvider="DefaultMembershipProvider">
      <providers>
        <add name="DefaultMembershipProvider" type="System.Web.Security.SqlMembershipProvider"
          requiresQuestionAndAnswer="false" minRequiredNonalphanumericCharacters="0"
          applicationName="studytimetrackerprime" connectionStringName="SQLExpress"/>
        <!--<add name="XmlProvider" type="XmlProviders.XmlMembershipProvider" dataStorePath="App_Data"
              applicationName="magnumproducts.com" enablePasswordRetrieval="false" enablePasswordReset="true"
              requiresQuestionAndAnswer="true" requiresUniqueEmail="true" passwordFormat="Hashed"
              maxInvalidPasswordAttempts="3" passwordAttemptWindow="5"/> -->
      </providers>
    </membership>

    <httpHandlers>
      <remove verb="*" path="*.asmx"/>
      <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory,
        System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
      <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory,
        System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
      <add verb="GET,HEAD" path="ScriptResource.axd" validate="false"
        type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
        PublicKeyToken=31BF3856AD364E35"/>
    </httpHandlers>

    <httpModules>
      <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0,
        Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
    </httpModules>

  </system.web>
  <!--<location path="UsersAndRoles.aspx" allowOverride="true">
    <system.web>
      <authorization>
        <deny users="?"/>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>
  <location path="AddStudent.aspx" allowOverride="true">
    <system.web>
      <authorization>
        <deny users="?"/>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>-->
  <location path="RoleBasedAuthorization.aspx" allowOverride="true">
    <system.web>
      <authorization>
        <deny users="?"/>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>
  <location path="ChangePassword.aspx" allowOverride="true">
    <system.web>
      <authorization>
        <deny users="?"/>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>
  <!--<location path="Default.aspx" allowOverride="true">
    <system.web>
      <authorization>
        <deny users="?"/>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>-->
  <location path="Admin/EditAccount.aspx" allowOverride="true">
    <system.web>
      <authorization>
        <deny users="?"/>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>
  <location path="Users.aspx" allowOverride="true">
    <system.web>
      <authorization>
        <deny users="?"/>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>
  <location path="Admin/Login.aspx" allowOverride="true">
    <system.web>
      <authorization>
        <allow users="?"/>
        <deny users="*"/>
      </authorization>
    </system.web>
  </location>
  <location path="Admin/PasswordRecovery.aspx" allowOverride="true">
    <system.web>
      <authorization>
        <allow users="?"/>
        <deny users="*"/>
      </authorization>
    </system.web>
  </location>
  <!-- 
        The system.webServer section is required for running ASP.NET AJAX under Internet
        Information Services 7.0.  It is not necessary for previous version of IIS.
    -->
  <system.webServer>
    <httpErrors errorMode="Detailed"/>
    <asp scriptErrorSentToBrowser="true"/>
    <validation validateIntegratedModeConfiguration="false"/>

    <modules>
      <remove name="ScriptModule"/>
      <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule,
        System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
    </modules>

    <handlers>
      <remove name="WebServiceHandlerFactory-Integrated"/>
      <remove name="ScriptHandlerFactory"/>
      <remove name="ScriptHandlerFactoryAppServices"/>
      <remove name="ScriptResource"/>
      <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode"
        type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0,
        Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
      <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode"
        type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0,
        Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
      <add name="ScriptResource" verb="GET,HEAD" path="ScriptResource.axd" preCondition="integratedMode"
        type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
        PublicKeyToken=31BF3856AD364E35"/>
    </handlers>

  </system.webServer>

  <system.codedom>
      <compilers>
        <compiler language="c#;cs;csharp" extension=".cs" type="Microsoft.CSharp.CSharpCodeProvider, System,
          Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" warningLevel="4">
          <providerOption name="CompilerVersion" value="v3.5"/>
          <providerOption name="WarnAsError" value="false"/>
      </compiler>

        <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" type="Microsoft.VisualBasic.VBCodeProvider,
          System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" warningLevel="4">
          <providerOption name="CompilerVersion" value="v3.5"/>
          <providerOption name="OptionInfer" value="true"/>
          <providerOption name="WarnAsError" value="false"/>
      </compiler>

    </compilers>
  </system.codedom>

  <runtime>
    <assemblyBinding appliesTo="v2.0.50727" xmlns="urn:schemas-microsoft-com:asm.v1">

      <dependentAssembly>
        <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/>
        <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/>
      </dependentAssembly>

      <dependentAssembly>
        <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/>
        <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/>
      </dependentAssembly>

    </assemblyBinding>
  </runtime>

</configuration>

Open in new window

0
Comment
Question by:mikesExpertExchange
  • 4
  • 4
8 Comments
 
LVL 75

Accepted Solution

by:
käµfm³d   👽 earned 500 total points
ID: 36524539
Does it need to be in web.config? I'm looking at my copy of .NET Framework 2.0 Application Development Foundation and it shows adding an assembly attribute to permit such behavior:

[assembly:AllowPartiallyTrustedCallers]

Open in new window

0
 
LVL 1

Author Comment

by:mikesExpertExchange
ID: 36524570
maybe that's where i need to put it. where would it go in my class?
0
 
LVL 75

Expert Comment

by:käµfm³d 👽
ID: 36524601
I haven't played around with assembly attributes much, but I believe they go outside of any namespace declarations. The only place I've ever really seen them is in the AssemblyInfo class. For example, here is what a default AssemblyInfo might look like:

using System.Reflection;
using System.Runtime.InteropServices;

// General Information about an assembly is controlled through the following 
// set of attributes. Change these attribute values to modify the information
// associated with an assembly.
[assembly: AssemblyTitle("27303809")]
[assembly: AssemblyDescription("")]
[assembly: AssemblyConfiguration("")]
[assembly: AssemblyCompany("Company")]
[assembly: AssemblyProduct("27303809")]
[assembly: AssemblyCopyright("Copyright © Company")]
[assembly: AssemblyTrademark("")]
[assembly: AssemblyCulture("")]

// Setting ComVisible to false makes the types in this assembly not visible 
// to COM components.  If you need to access a type in this assembly from 
// COM, set the ComVisible attribute to true on that type.
[assembly: ComVisible(false)]

// The following GUID is for the ID of the typelib if this project is exposed to COM
[assembly: Guid("9d77b858-886f-4cba-8ac4-df2d1870203e")]

// Version information for an assembly consists of the following four values:
//
//      Major Version
//      Minor Version 
//      Build Number
//      Revision
//
// You can specify all the values or you can default the Build and Revision Numbers 
// by using the '*' as shown below:
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("1.0.0.0")]
[assembly: AssemblyFileVersion("1.0.0.0")]

Open in new window


Perhaps tacking it on within that file will suffice.
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 75

Expert Comment

by:käµfm³d 👽
ID: 36524628
If you're not familiar, the AssemblyInfo.cs file can be found under the Properties folder in the Solution Explorer.
untitled.PNG
0
 
LVL 1

Author Comment

by:mikesExpertExchange
ID: 36524898
yes, i did find it there. thanks. so if i've added the directive at the top of that assembly and i'm still receiving the error, would would / should i try next? the web.config?
0
 
LVL 75

Expert Comment

by:käµfm³d 👽
ID: 36525489
I'm afraid I am at a loss as I have not had much call for monkeying with this stuff. Please hold out for someone more versed in this subject.

Sorry I couldn't help  : \
0
 
LVL 1

Author Comment

by:mikesExpertExchange
ID: 36525753
no problem thanks for your help it did get me farther along and i actually got the problem solved...:-)
0
 
LVL 1

Author Closing Comment

by:mikesExpertExchange
ID: 36525757
this was the root of my solution
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is for Object-Oriented Programming (OOP) beginners. An Interface contains declarations of events, indexers, methods and/or properties. Any class which implements the Interface should provide the concrete implementation for each Inter…
Entity Framework is a powerful tool to help you interact with the DataBase but still doesn't help much when we have a Stored Procedure that returns more than one resultset. The solution takes some of out-of-the-box thinking; read on!
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question