Last post Apr 08, 2005 04:20 AM by anthony.glenwright
Apr 02, 2005 11:34 PM|phebous|LINK
I have run into a problem and am debating the best solutions to adhere to the design of the DNN framework. I am trying to access a Web Service - WSDL and I am getting this error when accessing it:
Request for the permission of type System.Net.WebPermission, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.
I believe the problem goes back to the Trust Level in the web.config.
<trust level="Medium" originUrl=...
Here are the definitions of the levels:
Not able to call serviced components
Not able to write to the event log
Not able to access Microsoft Message Queuing queues
Not able to access OLE DB data sources
Since I don't think that I want to change the Trusted permissions, I am limiting my options on what to do. One way is to Sandbox the code and the other is to Customize the Policy. Which is the best approach to solve this access problem? Am I evaluating
this problem correctly? Can anybody provide any lessons learned with Web Services and Module development?
Apr 03, 2005 04:06 AM|anthony.glenwright|LINK
Have you tried temporarily changing the trust level in order to verify that you have diagnosed the issue correctly?
The DNNUpdate module (running on end-user DNN systems) calls the web service at http://www.dnnupdate.com/informationservices.asmx from standard DNN 3 sites (with trust=medium) with no problems,
so I think your problem is probably something else, unless it's your web services code that is asserting the need for
Apr 03, 2005 04:17 AM|anthony.glenwright|LINK
Apr 03, 2005 05:16 AM|phebous|LINK
Thanks for your response, Anthony!
Actually, the trust level is not commented out. By default in 3.x, it is set to Medium. I looked at changing it, but it ran into a problem with trying to increase it. Plus, the more I read about the trust level, the more I thought it would be best to leave
it medium. I think, and maybe somebody from the core team can comment, the reason to put it in is to implement Patterns and Best Practices.
But to answer your question, yes. I took the same code to a stand-alone project. I ran the code, it worked fine. I then put the trust level=Medium in its web.config and it failed with the same error. I also tried it at a trust level=High and it did
work at this level.
I also looked at DNN 2.x and it appears that they did not include the trust level line in the web.config. So, I expect it will work there. I will give an update.
You also brought up an interesting point. In the Development.config, the trust level=medium is NOT commented out. In the Release.config it IS commented out. Why would you loosen controls for production? By doing this, production machines by default will
grant access to registry, file system (and not just the site tree), message queue, system event logs, and much more. (That is if the machine.config does not limit it).
Apr 03, 2005 05:54 AM|anthony.glenwright|LINK
I tried to get medium trust working on my local/development DNN3 by un-commenting out the line, and just got a weird error:
Parser Error Message: ?
[No relevant source lines]
So maybe it's commented out in the release.config because it actually has to be changed in machine.config, not web.config?
Apr 03, 2005 10:45 AM|cathal|LINK
in dnn 3.12 the trust level is commented out, however all the coreteam run as medium trust as we intend keeping Dotnetnuke capability of running in partial trust environments (specifically medium). It does mean there are some limiting factors which you have
to work around if you require certain functionality. The prime amongst these is support for webservices. By default only calls to the current site are supported, though you can also add a single domain in your web.config file by utilising the
originUrl= attribute [note: this supports wildcards so you can use "feeds.moreover.com/*" to access multiple feeds]. Additionally, it's possible to add other allowed origins, but this requires access to the machine.config file, which is not always possible
in shared hosting scenarios.
Personally, I believe most shared hosts, if they reduce the trust level from Full, will create custom policies based on medium, and add any additional necessary permissions. To enable all webservices in a custom policy, simply change the webpermission block
Certain 3rd party modules will not work in any partial trust environment, as they require full trust e.g. any module that uses pinvoke or com-interop needs full trust [Anthony, I'm guessing your system monitor module uses pinvoke for wmi and pings, so it
probably falls into this category]
Finally, please note, when you alter your trust levels, you must restart the application for it to take effect, otherwise it gives odd effects. The best way to do this is to restart IIS altogether.
I've been putting together some notes on DNN and Code Access Security, and they will form the basis of either a document or a dotnetnuke.com hosted article in the near future.
Apr 03, 2005 10:51 AM|cathal|LINK
"In the Development.config, the trust level=medium is NOT commented out. In the Release.config it IS commented out. Why would you loosen controls for production? By doing this, production machines by default will grant access to registry, file system
(and not just the site tree), message queue, system event logs, and much more. (That is if the machine.config does not limit it). "
Sorry if I didn't make it clear, but the difference between the development and release config, is to support the coreteam developing in medium, but the distribution goes out in Full. In an ideal world, we would like DNN to always be running in a partial
trust environment, but currently it would not be 'fair' to the community and 3rd party module developers to force this issue. With asp.net 2.0, Microsoft have made some key changes that will help, by allowing oledb providers to run in partial trust (so MS
Access will no longer need Full), and by adding the AllowPartialTrustCallers (APTC) attribute to a number of new namespaces. Currently, I don't have a definitive list, but once the beta2 comes out in the next few days/weeks, I'll generate a list and post it
for people's information.
Apr 03, 2005 03:39 PM|phebous|LINK
Thanks for your response! This sheds a lot of light on my problem and the direction of DNN. Just one simple question left: Should I be worrying my tiny little brain with setting the trust level to medium, like the core team does, or just move my trust level
to full and continue coding happily ignorant?
Apr 03, 2005 05:22 PM|cathal|LINK
It mostly depends on what trust level your hosting provider supports. Currently, virtually all hosting providers support Full (as it's required for access to the oledb namespace) so that users can run applications off mysql/ms access etc, so most people
run in Full and are not even aware of trust levels. If your host supports Full, then code that way.
It's worth being aware though, that IMHO when asp.net 2 is released, I'd expect host providers to consider altering the trust levels to minimise potential security issues for them (and other shared customers). When (if) they do that, they simply need to
apply the change to the machine.config file, and mark it by adding the allowOverride attribute and setting it to false. This means that asp.net ignores the equivalent web.config setting, so your application will then run in this context. This is part of the reason we've
done all this work, as we prefer to be ahead of the curve rather than playing catch-up (plus it's an excellent security enhancement). Microsoft will also be pushing trust levels as it's a model that apache doesn't support so they see it as a competitive advantage.
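The settings discussed in this thread (a commented-out `<trust>` line, `originUrl`, and a host-level `allowOverride="false"` lock in machine.config) can be checked with a small audit script. This is an added example, not part of any post above or of DNN; the sample configs are constructed, and the resolution order is a simplified assumption rather than ASP.NET's full configuration merge.

```python
import xml.etree.ElementTree as ET

# Constructed sample configs (not taken from the thread or from a DNN release).
MACHINE_LOCKED = """<configuration><location allowOverride="false"><system.web>
  <trust level="Medium" originUrl="" /></system.web></location></configuration>"""
MACHINE_OPEN = "<configuration><system.web /></configuration>"
WEB_MEDIUM = """<configuration><system.web>
  <trust level="Medium" originUrl="http://feeds.example.com/" />
</system.web></configuration>"""
WEB_COMMENTED = """<configuration><system.web>
  <!-- <trust level="Medium" originUrl="" /> --></system.web></configuration>"""


def find_trust(config_xml):
    """Return (level, originUrl, locked) for the first <trust> found, else None."""
    root = ET.fromstring(config_xml)  # XML comments are dropped by the parser
    # A <trust> inside <location allowOverride="false"> is locked by the host.
    for loc in root.findall("location"):
        trust = loc.find("system.web/trust")
        if trust is not None:
            locked = loc.get("allowOverride", "true").lower() == "false"
            return trust.get("level"), trust.get("originUrl", ""), locked
    trust = root.find("system.web/trust")
    if trust is not None:
        return trust.get("level"), trust.get("originUrl", ""), False
    return None


def effective_trust(machine_xml, web_xml):
    """Assumed order: host lock, then web.config, then machine.config, else Full."""
    machine, web = find_trust(machine_xml), find_trust(web_xml)
    if machine and machine[2]:
        source, (level, origin, _) = "machine.config (locked)", machine
    elif web:
        source, (level, origin, _) = "web.config", web
    elif machine:
        source, (level, origin, _) = "machine.config", machine
    else:
        # No <trust> anywhere (e.g. the line is commented out): Full trust.
        source, level, origin = "default", "Full", ""
    return {"level": level, "originUrl": origin, "source": source,
            "partial_trust": level != "Full"}


if __name__ == "__main__":
    for web in (WEB_MEDIUM, WEB_COMMENTED):
        print(effective_trust(MACHINE_OPEN, web))
        print(effective_trust(MACHINE_LOCKED, web))
```
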
Apr 07, 2005 09:28 PM|anthony.glenwright|LINK
cathal: Instead of using a custom policy, can users allow all web services with
medium security by using this line in web.config?
<trust level="Medium" originUrl="*" />
Apr 07, 2005 09:34 PM|cathal|LINK
No, I'm afraid not. The originUrl parameter requires a url fragment.
Apr 07, 2005 09:52 PM|anthony.glenwright|LINK
Rats.. I'm still unable to set up a test environment for running in medium trust so I can get some documentation together for any modules that have problems with medium trust. I tried un-commenting the Trust level line in web.config, and also tried editing
machine.config, but either way I get the error below. The error references line 199 of machine.config, which says "<add />". Any ideas?
Server Error in '/DNN3' Application.
An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.
Parser Error Message: ?
[No relevant source lines]
Source File: machine.config Line:
Version Information: Microsoft .NET Framework Version:1.1.4322.2032; ASP.NET Version:1.1.4322.2032
My test DNN install URL is http://localhost/dnn3, and the web.config line is:
Apr 08, 2005 04:20 AM|anthony.glenwright|LINK
Never mind, the error is just asp.net being stupid. Something about being in Medium trust breaks the JIT compiler or something, and the result is that every time I change web.config, if trust=medium I get this error. Resetting IIS (with iisreset) fixes