Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > Custom provider in partial trust mode

Reply
Thread Tools

Custom provider in partial trust mode

 
 
Atul Thombre
Guest
Posts: n/a
 
      06-29-2007
Hello,

I am developing a custom membership provider. For that I built a prototype
that uses a SQL Server 2005 database as a backend store. I implemented the
class System.Web.Security.MembershipProvider and implemented few necessary
methods. The methods use SQL for interacting with the SQL Server database. I
put all this code in a class library.

I also created a simple Website using Visual Studio 2005 and configured the
Web.config to use this custom provider that I have written. Everything
worked fine. I could use the ASP.NET configuration tool and use the custom
provider to add users and view user details. Then I added a login page with
a login control and create user page with create user control and both of
them worked.

Now, I want to run this provider in the partial trust environment since MOSS
2007 runs in Minimal trust mode. I followed instructions provided in some of
the articles that I found on the web. Basically, the steps I took were
- Add a line <trust level="CustomTrust" originUrl=""/> in the Web.Config
for the website I created.
- Add a security policy in the same Web.config. This policy associates the
trust level specified above with the config file.
- I then copied web_minimaltrust.config from the framework CONFIG
directory to the Website directory and renamed it
- I then added [assembly: AllowPartiallyTrustedCallers] and [assembly:
SecurityCritical] in the assemblyInfo file for the custom provider.
- I added a permission set to the custom.config file. It is like this -
<PermissionSet
class="NamedPermissionSet"
version="1"
Name="MyCustomPermissionSet"
Unrestricted="true"
Level="CustomTrust"
Description="My custom permission set">
<IPermission
class="SecurityPermission"
version="1"
Flags="Execution, Assertion"
/>
<IPermission
class="SqlClientPermission"
version="1"
Unrestricted="true"
/>
</PermissionSet>
- I then created a strong name key pair file and added it to the custom
provider project and referenced it in that project.
- I added a Codegroup section in the custom.config file as follows
<CodeGroup
class="UnionCodeGroup"
version="1"
PermissionSetName="MyCustomPermissionSet"
Description="Custom code group for my signed
assembly">
<IMembershipCondition
class="StrongNameMembershipCondition"
version="1"
PublicKeyBlob="Public key blob from the
strong name key pair"
/>
</CodeGroup>
- I added [SecurityCritical] in front of all the methods that are
implemented
- I added following code in all the methods
SecurityPermission permission1 = new
SecurityPermission(PermissionState.Unrestricted);
permission1.Assert();

Now I am trying to run the ASP.NET configuration tool and it gives an error
"This feature is not supported at the configured trust
level".

If I raise the trust level to 'Medium', everything works. If I lower it to
'Low', I get a different error, something about mscorlib. "Request for the
permission of type 'System.Security.Permissions.SecurityPermission,
mscorlib, Version=2.0.0.0.... failed".

First of all, do I have to run the custom provider in the minimal trust
level? I am doing this because I read that MOSS 2007 expects it to run in
partial [minimal] trust mode.

Where am I going wrong? I could not find anything on the web that will help
me solve this problem. So, any help is really appreciated.

Thanks,

Atul.

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Custom membership provider in partial trust mode Atul Thombre ASP .Net Security 0 06-28-2007 12:48 PM
Trying to run in partial trust (getting a PolicyException) David Thielen ASP .Net Security 16 11-20-2006 04:41 PM
Full trust and medium trust in .net and websites Linda ASP .Net Security 1 08-31-2006 05:16 AM
ASP.NET 2.0 and Partial Trust with VSTO Ken Cox [Microsoft MVP] ASP .Net 6 06-14-2006 07:53 AM
Why? Partial Class within a Partial class Billy ASP .Net 2 02-01-2006 09:10 AM



Advertisments