Ask a Question related to ASP.NET Building Controls, Design and Development.
-
0to60 #1
Can't configure security for client side control
I've created a Windows.Forms control and placed it on an aspx page with the
<object> tag and verified that it works nicely. But, when I add
functionality to it (specifically, stuff from system.net.sockets) I get a
security policy violation. I've followed the instructions given at
[url]http://msdn.microsoft.com/msdnmag/issues/02/01/UserCtrl/default.aspx[/url], but I
can't get it to work at all. I add a permission set, add a code group,
point it at my assembly via the strong name, etc... It works fine in a
standalone app, but I can't get past security when the control is on a web
page. Any suggestions?
0to60 Guest
-
Modify datagrid control on client side
Hello to all, I am using Visual Studio 2005 now. Is there an example out there where one can see a Microsoft Datagrid control being modified on... -
Client side event for datagrid control
This is probably a simple one, but I cannot seem to find an example. I have a datagrid with each row containing Checkbox | Textbox |... -
Client-Side Script for CheckBox Web Control
I'm trying to create a server Web control that renders as a checkbox that has an OnClick event associated with it. I've created a short proof of... -
ASP.Net and client side control (SelectedIndexChanged)
I was wondering what capabilities ASP.Net has at the client level. I have been using a RadioButtonList. My control and additional textboxes... -
How to configure a SOAP extension to run on the client side?
Hi, this is actually quite simple. The best and easiest approach is to configure it in the application's .config file. Just like this:... -
tom wisnowski #2 RE: Can't configure security for client side control
Are you sure the code is executing in the group you specified? Under what
node in the code groups tree did you create the new group? What condition
type did you choose? I have done the exact thing you are trying but instead
of using StrongName, I used url which worked.
More than likely the code is not executing it the group you think.
"0to60" wrote:
> I've created a Windows.Forms control and placed it on an aspx page with the
> <object> tag and verified that it works nicely. But, when I add
> functionality to it (specifically, stuff from system.net.sockets) I get a
> security policy violation. I've followed the instructions given at
> [url]http://msdn.microsoft.com/msdnmag/issues/02/01/UserCtrl/default.aspx[/url], but I
> can't get it to work at all. I add a permission set, add a code group,
> point it at my assembly via the strong name, etc... It works fine in a
> standalone app, but I can't get past security when the control is on a web
> page. Any suggestions?
>
>
>tom wisnowski Guest
-
0to60 #3 Re: Can't configure security for client side control
"tom wisnowski" <tomwisnowski@discussions.microsoft.com> wrote in message
news:56D7B52F-A252-49E0-BACC-B72F3DFEF608@microsoft.com...instead> Are you sure the code is executing in the group you specified? Under what
> node in the code groups tree did you create the new group? What condition
> type did you choose? I have done the exact thing you are trying butI created the code group under Machine->IntranetZone. Does that make a> of using StrongName, I used url which worked.
>
> More than likely the code is not executing it the group you think.
difference? How exactly do I say which zone my code will apply to? I
thought that was all controlled by the membership specifics for that code
group, i.e. if it has a strong name of such and such, it will be run under
this code group. Is that not so?
Furthermore, when I ran the Evaluate an Assembly util on my assembly, it
came back "unrestriced access". That kinda makes sense, because if I
created an assembly for a standalone .exe, it would be able to pretty much
do anything. If I look at it that way, it SHOULD be unrestricted. But on a
web page, it SHOULD have more security. How can I see the difference?
0to60 Guest
-
tom wisnowski #4 RE: Can't configure security for client side control
Try something like this to look at the evidence the assembly is executing with:
public void GetEvidence()
{
IEnumerator enumerator =
Assembly.GetExecutingAssembly().Evidence.GetEnumer ator();
while(enumerator.MoveNext())
{
object o = enumerator.Current;
//try cast to type of evidence object...
switch(o.GetType().Name)
{
case "Group":
CodeGroup g = (Group)o;
//g.Name;
break;
case "Site":
Site s = (Site)o;
//s.Name;
break;
case "Url":
Url u = (Url)u;
//u.Value;
break;
//etc.....
}
}
}
you could call a function to return the group names that you could call from
javascript, then write the names on the client UI for debugging purposes.
(You could also use Debug.WriteLine and use Dbmon or DebugView on the client
as well).
Hope this helps!
"tom wisnowski" wrote:
> Are you sure the code is executing in the group you specified? Under what
> node in the code groups tree did you create the new group? What condition
> type did you choose? I have done the exact thing you are trying but instead
> of using StrongName, I used url which worked.
>
> More than likely the code is not executing it the group you think.
>
> "0to60" wrote:
>> > I've created a Windows.Forms control and placed it on an aspx page with the
> > <object> tag and verified that it works nicely. But, when I add
> > functionality to it (specifically, stuff from system.net.sockets) I get a
> > security policy violation. I've followed the instructions given at
> > [url]http://msdn.microsoft.com/msdnmag/issues/02/01/UserCtrl/default.aspx[/url], but I
> > can't get it to work at all. I add a permission set, add a code group,
> > point it at my assembly via the strong name, etc... It works fine in a
> > standalone app, but I can't get past security when the control is on a web
> > page. Any suggestions?
> >
> >
> >tom wisnowski Guest
-
tom wisnowski #5 Re: Can't configure security for client side control
That is partly true, it does resolve group membership via evidence. The
system first resolves the top level group mebership, ie internet, intranet,
etc. Once inside a group it looks at the sub groups at that level and thier
membership conditions. The system will execute the code in the group that has
a condition that matches the assembly's evidence. This process of searching
for group membership is recursivley repeated until the assembly does not
qualify for any sub group at a particular level. Once this condition is met,
the code executes in the group at the current search level.
"0to60" wrote:
> "tom wisnowski" <tomwisnowski@discussions.microsoft.com> wrote in message
> news:56D7B52F-A252-49E0-BACC-B72F3DFEF608@microsoft.com...> instead> > Are you sure the code is executing in the group you specified? Under what
> > node in the code groups tree did you create the new group? What condition
> > type did you choose? I have done the exact thing you are trying but>> > of using StrongName, I used url which worked.
> >
> > More than likely the code is not executing it the group you think.
> I created the code group under Machine->IntranetZone. Does that make a
> difference? How exactly do I say which zone my code will apply to? I
> thought that was all controlled by the membership specifics for that code
> group, i.e. if it has a strong name of such and such, it will be run under
> this code group. Is that not so?
>
> Furthermore, when I ran the Evaluate an Assembly util on my assembly, it
> came back "unrestriced access". That kinda makes sense, because if I
> created an assembly for a standalone .exe, it would be able to pretty much
> do anything. If I look at it that way, it SHOULD be unrestricted. But on a
> web page, it SHOULD have more security. How can I see the difference?
>
>
>tom wisnowski Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
