Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > .NET 2.0 Trust issue on Hosted Server

Reply
Thread Tools

.NET 2.0 Trust issue on Hosted Server

 
 
Cindy Lee
Guest
Posts: n/a
 
      05-19-2006
I'm using a .net 2.0 Hosted server, IIS has trust level I think I medium,
which I can't over-ride.

I'm working off the Personal Website wizard. I get this security issue
usually after I log in and come back. Sometimes I get it, and sometimes I
don't. I can't repeat it all the time.
How should I set my token key? i just use what's in the config file:
b77a5c561934e089.
I know I can't do full Trust because it get's overridden.
There's nothing on my pages that is a big security issue. I don't care who
has access to it. Is there anything I should do to change my config file.
This is my error below, and my config file is below that

Description: The application attempted to perform an operation not allowed
by the security policy. To grant this application the required permission
please contact your system administrator or change the application's trust
level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the
permission of type 'System.Security.Permissions.FileIOPermission, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.


Conifg
<?xml version="1.0"?>
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<connectionStrings>
<remove name="LocalSqlServer"/>
<add name="LocalSqlServer" connectionString="Data
Source=SQLB1.webcontrolcenter.com;Initial Catalog=loftladb;Persist Security
Info=True;User ID=xxx;Password=xxx"/>
<add name="Personal" connectionString="Data
Source=SQLB1.webcontrolcenter.com;Initial Catalog=loftladb;Persist Security
Info=True;User ID=xxx;Password=xxx"
providerName="System.Data.SqlClient" />
<add name="loftladbConnectionString1" connectionString="Data
Source=SQLB1.webcontrolcenter.com;Initial Catalog=loftladb;Persist Security
Info=True;User ID=xxx;Password=xxx"
providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<pages styleSheetTheme="White"/>
<customErrors mode="Off"/>
<compilation debug="true"/>
<membership defaultProvider="YourSqlProvider">
<providers>
<add connectionStringName="LocalSqlServer" applicationName="LoftLAApp"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0" name="YourSqlProvider"
type="System.Web.Security.SqlMembershipProvider" />
</providers>
</membership>
<authentication mode="Forms">
<forms loginUrl="default1.aspx" protection="Validation" timeout="300" />
</authentication>
<authorization>
<allow users="*"/>
</authorization>
<globalization requestEncoding="utf-8" responseEncoding="utf-8"/>
<roleManager enabled="true" defaultProvider="AspNetSqlRoleProvider" />
<siteMap defaultProvider="XmlSiteMapProvider" enabled="true">
<providers>
<add name="XmlSiteMapProvider" description="SiteMap provider which reads in
..sitemap XML files." type="System.Web.XmlSiteMapProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
siteMapFile="web.sitemap" securityTrimmingEnabled="true"/>
</providers>
</siteMap>
</system.web>
<location path="Admin">
<system.web>
<authorization>
<allow roles="Administrators"/>
<!-- deny users="*"/ -->
</authorization>
</system.web>
</location>
</configuration>



 
Reply With Quote
 
 
 
 
Cindy Lee
Guest
Posts: n/a
 
      05-19-2006
Oh, I forgot to add, when I refresh 1-10 times it will work.

"Cindy Lee" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> I'm using a .net 2.0 Hosted server, IIS has trust level I think I medium,
> which I can't over-ride.
>
> I'm working off the Personal Website wizard. I get this security issue
> usually after I log in and come back. Sometimes I get it, and sometimes I
> don't. I can't repeat it all the time.
> How should I set my token key? i just use what's in the config file:
> b77a5c561934e089.
> I know I can't do full Trust because it get's overridden.
> There's nothing on my pages that is a big security issue. I don't care who
> has access to it. Is there anything I should do to change my config file.
> This is my error below, and my config file is below that
>
> Description: The application attempted to perform an operation not allowed
> by the security policy. To grant this application the required permission
> please contact your system administrator or change the application's trust
> level in the configuration file.
>
> Exception Details: System.Security.SecurityException: Request for the
> permission of type 'System.Security.Permissions.FileIOPermission,

mscorlib,
> Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
>
>
> Conifg
> <?xml version="1.0"?>
> <configuration

xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
> <connectionStrings>
> <remove name="LocalSqlServer"/>
> <add name="LocalSqlServer" connectionString="Data
> Source=SQLB1.webcontrolcenter.com;Initial Catalog=loftladb;Persist

Security
> Info=True;User ID=xxx;Password=xxx"/>
> <add name="Personal" connectionString="Data
> Source=SQLB1.webcontrolcenter.com;Initial Catalog=loftladb;Persist

Security
> Info=True;User ID=xxx;Password=xxx"
> providerName="System.Data.SqlClient" />
> <add name="loftladbConnectionString1" connectionString="Data
> Source=SQLB1.webcontrolcenter.com;Initial Catalog=loftladb;Persist

Security
> Info=True;User ID=xxx;Password=xxx"
> providerName="System.Data.SqlClient" />
> </connectionStrings>
> <system.web>
> <pages styleSheetTheme="White"/>
> <customErrors mode="Off"/>
> <compilation debug="true"/>
> <membership defaultProvider="YourSqlProvider">
> <providers>
> <add connectionStringName="LocalSqlServer" applicationName="LoftLAApp"
> minRequiredPasswordLength="6"
> minRequiredNonalphanumericCharacters="0" name="YourSqlProvider"
> type="System.Web.Security.SqlMembershipProvider" />
> </providers>
> </membership>
> <authentication mode="Forms">
> <forms loginUrl="default1.aspx" protection="Validation" timeout="300" />
> </authentication>
> <authorization>
> <allow users="*"/>
> </authorization>
> <globalization requestEncoding="utf-8" responseEncoding="utf-8"/>
> <roleManager enabled="true" defaultProvider="AspNetSqlRoleProvider" />
> <siteMap defaultProvider="XmlSiteMapProvider" enabled="true">
> <providers>
> <add name="XmlSiteMapProvider" description="SiteMap provider which reads

in
> .sitemap XML files." type="System.Web.XmlSiteMapProvider, System.Web,
> Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
> siteMapFile="web.sitemap" securityTrimmingEnabled="true"/>
> </providers>
> </siteMap>
> </system.web>
> <location path="Admin">
> <system.web>
> <authorization>
> <allow roles="Administrators"/>
> <!-- deny users="*"/ -->
> </authorization>
> </system.web>
> </location>
> </configuration>
>
>
>



 
Reply With Quote
 
 
 
 
Dominick Baier [DevelopMentor]
Guest
Posts: n/a
 
      05-19-2006
I would set the trust level to medium on my local copy too and try to debug...

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> Oh, I forgot to add, when I refresh 1-10 times it will work.
>
> "Cindy Lee" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>
>> I'm using a .net 2.0 Hosted server, IIS has trust level I think I
>> medium, which I can't over-ride.
>>
>> I'm working off the Personal Website wizard. I get this security
>> issue
>> usually after I log in and come back. Sometimes I get it, and
>> sometimes I
>> don't. I can't repeat it all the time.
>> How should I set my token key? i just use what's in the config file:
>> b77a5c561934e089.
>> I know I can't do full Trust because it get's overridden.
>> There's nothing on my pages that is a big security issue. I don't
>> care who
>> has access to it. Is there anything I should do to change my config
>> file.
>> This is my error below, and my config file is below that
>> Description: The application attempted to perform an operation not
>> allowed by the security policy. To grant this application the
>> required permission please contact your system administrator or
>> change the application's trust level in the configuration file.
>>
>> Exception Details: System.Security.SecurityException: Request for the
>> permission of type 'System.Security.Permissions.FileIOPermission,
>>

> mscorlib,
>
>> Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'
>> failed.
>>
>> Conifg
>> <?xml version="1.0"?>
>> <configuration

> xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
>
>> <connectionStrings>
>> <remove name="LocalSqlServer"/>
>> <add name="LocalSqlServer" connectionString="Data
>> Source=SQLB1.webcontrolcenter.com;Initial Catalog=loftladb;Persist

> Security
>
>> Info=True;User ID=xxx;Password=xxx"/>
>> <add name="Personal" connectionString="Data
>> Source=SQLB1.webcontrolcenter.com;Initial Catalog=loftladb;Persist

> Security
>
>> Info=True;User ID=xxx;Password=xxx"
>> providerName="System.Data.SqlClient" />
>> <add name="loftladbConnectionString1" connectionString="Data
>> Source=SQLB1.webcontrolcenter.com;Initial Catalog=loftladb;Persist

> Security
>
>> Info=True;User ID=xxx;Password=xxx"
>> providerName="System.Data.SqlClient" />
>> </connectionStrings>
>> <system.web>
>> <pages styleSheetTheme="White"/>
>> <customErrors mode="Off"/>
>> <compilation debug="true"/>
>> <membership defaultProvider="YourSqlProvider">
>> <providers>
>> <add connectionStringName="LocalSqlServer"
>> applicationName="LoftLAApp"
>> minRequiredPasswordLength="6"
>> minRequiredNonalphanumericCharacters="0" name="YourSqlProvider"
>> type="System.Web.Security.SqlMembershipProvider" />
>> </providers>
>> </membership>
>> <authentication mode="Forms">
>> <forms loginUrl="default1.aspx" protection="Validation" timeout="300"
>> />
>> </authentication>
>> <authorization>
>> <allow users="*"/>
>> </authorization>
>> <globalization requestEncoding="utf-8" responseEncoding="utf-8"/>
>> <roleManager enabled="true" defaultProvider="AspNetSqlRoleProvider"
>> />
>> <siteMap defaultProvider="XmlSiteMapProvider" enabled="true">
>> <providers>
>> <add name="XmlSiteMapProvider" description="SiteMap provider which
>> reads

> in
>
>> .sitemap XML files." type="System.Web.XmlSiteMapProvider, System.Web,
>> Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
>> siteMapFile="web.sitemap" securityTrimmingEnabled="true"/>
>> </providers>
>> </siteMap>
>> </system.web>
>> <location path="Admin">
>> <system.web>
>> <authorization>
>> <allow roles="Administrators"/>
>> <!-- deny users="*"/ -->
>> </authorization>
>> </system.web>
>> </location>
>> </configuration>



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Server Application Unavailable on hosted server, not locally though dalton ASP .Net 2 07-16-2007 08:06 PM
EntLIb 3.1 and Ajax Enabled App hosted in Medium trust Probs Mukesh ASP .Net 3 07-10-2007 06:58 AM
Full trust and medium trust in .net and websites Linda ASP .Net Security 1 08-31-2006 05:16 AM
Session Time Out Issue In ASP.NEtT hosted in Windows 2003 Enterprise Edition vasu devan ASP .Net 0 02-24-2006 09:42 AM
ISP uses Hosted level of Trust dda ASP .Net 1 05-17-2005 10:49 AM



Advertisments