DotNetNewsgroup.com  
web access to complete list of Microsoft.NET newsgroups
   home   |   control panel login   |   archive  |  
 
  carried group
academic
adonet
aspnet
aspnet.announcements
aspnet.buildingcontrols
aspnet.caching
aspnet.datagridcontrol
aspnet.mobile
aspnet.security
aspnet.webcontrols
aspnet.webservices
assignment_manager
datatools
dotnet.distributed_apps
dotnet.general
dotnet.myservices
dotnet.nternationalization
dotnet.scripting
dotnet.security
dotnet.vjsharp
dotnet.vsa
dotnet.xml
dotnetfaqs
framework
framework.clr
framework.compactframework
framework.component_services
framework.controls
framework.databinding
framework.drawing
framework.enhancements
framework.interop
framework.odbcnet
framework.performance
framework.remoting
framework.sdk
framework.setup
framework.webservices
framework.windowsforms
framework.wmi
frwk.windowsforms.designtime
lang.csharp
lang.jscript
lang.vb
lang.vb.controls
lang.vb.data
lang.vb.upgrade
lang.vc
lang.vc.libraries
  
 
start date: Thu, 28 Jun 2007 18:18:20 +0530,    posted on: microsoft.public.dotnet.framework.aspnet.security        back       

Thread Index
  1    Atul Thombre


Custom membership provider in partial trust mode    
Hello,

I am developing a custom membership provider. For that I built a prototype 
that uses a SQL Server 2005 database as a backend store. I implemented the 
class System.Web.Security.MembershipProvider and implemented few necessary 
methods. The methods use SQL for interacting with the SQL Server database. I 
put all this code in a class library.

I also created a simple Website using Visual Studio 2005 and configured the 
Web.config to use this custom provider that I have written. Everything 
worked fine. I could use the ASP.NET configuration tool and use the custom 
provider to add users and view user details. Then I added a login page with 
a login control and create user page with create user control and both of 
them worked.

Now, I want to run this provider in the partial trust environment since MOSS 
2007 runs in Minimal trust mode. I followed instructions provided in some of 
the articles that I found on the web. Basically, the steps I took were
  - Add a line <trust level="CustomTrust" originUrl=""/> in the Web.Config 
for the website I created.
  - Add a security policy in the same Web.config. This policy associates the 
trust level specified above with the config file.
  - I then copied web_minimaltrust.config from the framework CONFIG 
directory to the Website directory and renamed it
  - I then added [assembly: AllowPartiallyTrustedCallers] and [assembly: 
SecurityCritical] in the assemblyInfo file for the custom provider.
  - I added a permission set to the custom.config file. It is like this -
                        <PermissionSet
                                class="NamedPermissionSet"
                                version="1"
                                Name="MyCustomPermissionSet"
                                Unrestricted="true"
                                Level="CustomTrust"
                                Description="My custom permission set">
                          <IPermission
                                  class="SecurityPermission"
                                  version="1"
                                  Flags="Execution, Assertion"
                          />
                          <IPermission
                                  class="SqlClientPermission"
                                  version="1"
                                  Unrestricted="true"
                          />
                        </PermissionSet>
  - I then created a strong name key pair file and added it to the custom 
provider project and referenced it in that project.
  - I added a Codegroup section in the custom.config file as follows
                        <CodeGroup
                                class="UnionCodeGroup"
                                version="1"
                                PermissionSetName="MyCustomPermissionSet"
                                Description="Custom code group for my signed 
assembly">
                            <IMembershipCondition
                                  class="StrongNameMembershipCondition"
                                  version="1"
                                  PublicKeyBlob="Public key blob from the 
strong name key pair"
                            />
                        </CodeGroup>
  - I added [SecurityCritical] in front of all the methods that are 
implemented
  - I added following code in all the methods
                SecurityPermission permission1 = new 
SecurityPermission(PermissionState.Unrestricted);
                permission1.Assert();

Now I am trying to run the ASP.NET configuration tool and it gives an error
                "This feature is not supported at the configured trust 
level".

If I raise the trust level to 'Medium', everything works. If I lower it to 
'Low', I get a different error, something about mscorlib. "Request for the 
permission of type 'System.Security.Permissions.SecurityPermission, 
mscorlib, Version=2.0.0.0.... failed".

First of all, do I have to run the custom provider in the minimal trust 
level? I am doing this because I read that MOSS 2007 expects it to run in 
partial [minimal] trust mode.

Where am I going wrong? I could not find anything on the web that will help 
me solve this problem. So, any help is really appreciated.

Thanks,

Atul.
Date:Thu, 28 Jun 2007 18:18:20 +0530   Author:  

Google
 
Web dotnetnewsgroup.com


COPYRIGHT ?2005, EUROFRONT WORLDWIDE LTD., ALL RIGHT RESERVE  |   Contact us