I am referencing the NUnit libraries in an assembly that is hosted by a COM+
application.  Within NUnit it creates a "runner" app domain and then calls
CreateInstanceAndUnwrap to create an instance of a class within a unit test
assembly.  I get a SecurityException on this method when it is executed
within the bounds of a COM+ application, even though it is actually in a .NET
assembly.

If I refernce the same NUnit libraries and the same assembly calls them but
is hosted in a .NET forms application I do not get any SecurityExceptions on
the CreateInstanceAndUnwrap call.

I've tried several imperative and declaritve security options at the
assembly, class and method levels but so far nothing has worked.  Has anyone
encountered this or have any suggestions on other things to try?

Is it your code that's creating the app domain or some other code?  Do you
know if any app domain policy is being applied or if any additional evidence
is being provided for the app domain or the target class assembly?


Could you please provide the full exception details (incl. stack trace
listing) as returned from its ToString method?



There are several possible reasons for the difference.  App domain policy is
one.  Limited CAS permission grants to other assemblies on the call stack is
another.  Might you be able to provide a minimal sample
(http://www.yoda.arachsys.com/csharp/complete.html) that demonstrates the
problem?

Here is the full stack trace:
==========================
Server stack trace:
   at System.RuntimeType.CreateInstanceImpl(Boolean publicOnly)
   at System.Activator.CreateInstance(Type type, Boolean nonPublic)
   at System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder
binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   at System.Activator.CreateInstance(Type type, BindingFlags bindingAttr,
Binder binder, Object[] args, CultureInfo culture, Object[]
activationAttributes)
   at System.Activator.CreateInstance(String assemblyName, String typeName,
Boolean ignoreCase, BindingFlags bindingAttr, Binder binder, Object[] args,
CultureInfo culture, Object[] activationAttributes, Evidence securityInfo,
StackCrawlMark& stackMark)
   at System.Activator.CreateInstance(String assemblyName, String typeName,
Boolean ignoreCase, BindingFlags bindingAttr, Binder binder, Object[] args,
CultureInfo culture, Object[] activationAttributes, Evidence securityInfo)
   at System.AppDomain.CreateInstance(String assemblyName, String typeName,
Boolean ignoreCase, BindingFlags bindingAttr, Binder binder, Object[] args,
CultureInfo culture, Object[] activationAttributes, Evidence
securityAttributes)
   at System.AppDomain.CreateInstanceAndUnwrap(String assemblyName, String
typeName, Boolean ignoreCase, BindingFlags bindingAttr, Binder binder,
Object[] args, CultureInfo culture, Object[] activationAttributes, Evidence
securityAttributes)
   at
System.Runtime.Remoting.Messaging.StackBuilderSink.PrivateProcessMessage(MethodBase
mb, Object[] args, Object server, Int32 methodPtr, Boolean fExecuteInContext,
Object[]& outArgs)
   at
System.Runtime.Remoting.Messaging.StackBuilderSink.SyncProcessMessage(IMessage msg, Int32 methodPtr, Boolean fExecuteInContext)
=============================

The Nunit code is actually creating the app domain but I do have the source
so I can change it if necessary.  I don't know that any app domain policies
are being applied but I will look into this.  Would I look for this using
caspol or through the "Microsoft .NET Framework 1.1 Configuration" tool?  The
evidence for the new domain is created from the evidence from the
currentdomain.

Evidence baseEvidence = AppDomain.CurrentDomain.Evidence;
Evidence evidence = new Evidence(baseEvidence);

Let me know if this is not enough information and I can see if I can put
together a small code sample.  The one real hitch in this is that the COM+
application that is hosting the .NET assemblies is Groove and I probably
cannot even attempt to represent it in code.

Show quoteHide quote

Unfortunately, it's not very helpful in this case.  However, could you
please post the rest of the details from the exception's ToString result?


Is this code that is part of NUnit itself, or code you've written to use
NUnit functionality?  If the former, could you please identify the relevant
NUnit class/method?  If the latter, could you please provide a relevant
extract?


Neither.  App domain policies are applied via code using the
AppDomain.SetAppDomainPolicy method.


How is this evidence object used in the code?  (The extract you've provided
creates the object but doesn't actually do anything meaningful with it.)


Groove itself might be irrelevant here.  Attempting to reduce the code to
the simplest repro case might actually help identify the problem, so it's a
potentially useful exercise.


Show quoteHide quote

Import RSA parameters from .PEM format
Getting User Information from a SID
LogonUser Succeeds - but fails later
Forms Authentication Not Redirecting To Login Page
HttpWebRequest.GetRequestStream - Trust Failure In Windows Service
Export and Import RSA Key Container
Get an unauthenticated windowsIdentity?
Runtime error when running caspol w/ -pub -hex
Propagate Credentials from Internet Explorer Host Instead of Defau
problem to run WINDOW user control in IE