|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Security issue running unmanaged code in a win form ctrl hosted incontrol hosted in IE6 Hi, I have design a windows from control which contain a .OCX in one of its forms. Component developed in C#2005 -------- .NET2 Now, the control is loaded successful via IIS in my web application. Now when I try to load the form where the OCX is hosted: private void button2_Click(object sender, EventArgs e) { Form1 a; a = new Form1(); a.ShowDialog(); } I got an .NET Excpetion saying: System.Security.SecurityException: Request failed. ************** Exception Text ************** System.Security.SecurityException: Request failed. at System.Windows.Forms.AxHost..ctor(String clsid, Int32 flags) at System.Windows.Forms.AxHost..ctor(String clsid) at AxAcroPDFLib.AxAcroPDF..ctor() at WindowsControlLibrary1.Form1.InitializeComponent() at WindowsControlLibrary1.Form1..ctor() at WindowsControlLibrary1.UserControl1.button2_Click(Object sender, EventArgs e) at System.Windows.Forms.Control.OnClick(EventArgs e) at System.Windows.Forms.Button.OnClick(EventArgs e) at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent) at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks) at System.Windows.Forms.Control.WndProc(Message& m) at System.Windows.Forms.ButtonBase.WndProc(Message& m) at System.Windows.Forms.Button.WndProc(Message& m) at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m) at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m) at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam) The action that failed was: Demand The action that failed was: Demand The type of the first permission that failed was: System.Security.PermissionSet ************** Loaded Assemblies ************** mscorlib Assembly Version: 2.0.0.0 Win32 Version: 2.0.50727.42 (RTM.050727-4200) ....................... Now the permissions for the windows from control are set to unrestricted. (I have Double-checked it via the framework evaluation permission option for assemblies persent in .NET) Tried the following in the AssemblyInfo.cs [assembly: AllowPartiallyTrustedCallers()] [assembly: SecurityPermissionAttribute(SecurityAction.RequestMinimum, Flags = SecurityPermissionFlag.UnmanagedCode)] [assembly: SecurityPermissionAttribute(SecurityAction.RequestMinimum, Flags = SecurityPermissionFlag.ControlEvidence)] [assembly: SecurityPermissionAttribute(SecurityAction.RequestMinimum, Flags = SecurityPermissionFlag.SkipVerification)] [assembly: SecurityPermissionAttribute(SecurityAction.RequestMinimum, Flags = SecurityPermissionFlag.AllFlags)] tried: [SecurityPermission(SecurityAction.Assert, UnmanagedCode = true)] [SecurityPermission(SecurityAction.Assert, ControlEvidence = true)] [SecurityPermission(SecurityAction.Assert, Unrestricted = true)] no luck!!!! Any idea how to run unmanged code in a window from hosted in IE6? Many Thanks, Filippo the CAS security policy restricts you from running umnanaged code -
go to mscorcfg.msc - there you can inspect the policy for the machine - the intranet/internet permission set don't include SecurityPermission/UnmanagedCode maybe you should create a custom code group for your control - using a StrongNameMembershipCondition, and grant that necessary permission. This has to be done on every client. --------------------------------------- Dominick Baier - DevelopMentor http://www.leastprivilege.com Show quoteHide quote > Security problem running unmanaged code (.ocx control) in a windows > from control hosted in IE6 > > Hi, > > I have design a windows from control which contain a .OCX in one of > its > forms. > Component developed in C#2005 -------- .NET2 > Now, the control is loaded successful via IIS in my web application. > Now when I try to load the form where the OCX is hosted: > > private void button2_Click(object sender, EventArgs e) > { > Form1 a; > a = new Form1(); > a.ShowDialog(); > } > I got an .NET Excpetion saying: > > System.Security.SecurityException: Request failed. > > ************** Exception Text ************** > System.Security.SecurityException: Request failed. > at System.Windows.Forms.AxHost..ctor(String clsid, Int32 flags) > at System.Windows.Forms.AxHost..ctor(String clsid) > at AxAcroPDFLib.AxAcroPDF..ctor() > at WindowsControlLibrary1.Form1.InitializeComponent() > at WindowsControlLibrary1.Form1..ctor() > at WindowsControlLibrary1.UserControl1.button2_Click(Object sender, > EventArgs e) > at System.Windows.Forms.Control.OnClick(EventArgs e) > at System.Windows.Forms.Button.OnClick(EventArgs e) > at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent) > at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons > button, Int32 clicks) > at System.Windows.Forms.Control.WndProc(Message& m) > at System.Windows.Forms.ButtonBase.WndProc(Message& m) > at System.Windows.Forms.Button.WndProc(Message& m) > at > System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m) > at > System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m) > at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 > msg, > IntPtr wparam, IntPtr lparam) > The action that failed was: > Demand > The action that failed was: > Demand > The type of the first permission that failed was: > System.Security.PermissionSet > ************** Loaded Assemblies ************** > mscorlib > Assembly Version: 2.0.0.0 > Win32 Version: 2.0.50727.42 (RTM.050727-4200) > ...................... > > Now the permissions for the windows from control are set to > unrestricted. (I have Double-checked it via the framework evaluation > permission option for assemblies persent in .NET) > > Tried the following in the AssemblyInfo.cs > > [assembly: AllowPartiallyTrustedCallers()] > [assembly: SecurityPermissionAttribute(SecurityAction.RequestMinimum, > Flags > = SecurityPermissionFlag.UnmanagedCode)] > [assembly: SecurityPermissionAttribute(SecurityAction.RequestMinimum, > Flags > = SecurityPermissionFlag.ControlEvidence)] > [assembly: SecurityPermissionAttribute(SecurityAction.RequestMinimum, > Flags > = SecurityPermissionFlag.SkipVerification)] > [assembly: SecurityPermissionAttribute(SecurityAction.RequestMinimum, > Flags > = SecurityPermissionFlag.AllFlags)] > tried: > > [SecurityPermission(SecurityAction.Assert, UnmanagedCode = true)] > [SecurityPermission(SecurityAction.Assert, ControlEvidence = true)] > [SecurityPermission(SecurityAction.Assert, Unrestricted = true)] > > no luck!!!! > > Any idea how to run unmanged code in a window from hosted in IE6? > > Many Thanks, > Filippo I have already done it,
I have created a group with full trust for a specificy URL: http//10.10.10.10/myapplication/* and as I said: the permissions for the windows from control are set to > > unrestricted. (I have Double-checked it via the framework evaluation Many thanks,> > permission option for assemblies persent in .NET) Filippo Show quoteHide quote "Dominick Baier [DevelopMentor]" wrote: > the CAS security policy restricts you from running umnanaged code - > > go to mscorcfg.msc - there you can inspect the policy for the machine - the > intranet/internet permission set don't include SecurityPermission/UnmanagedCode > > maybe you should create a custom code group for your control - using a StrongNameMembershipCondition, > and grant that necessary permission. > > This has to be done on every client. > > --------------------------------------- > Dominick Baier - DevelopMentor > http://www.leastprivilege.com > > > Security problem running unmanaged code (.ocx control) in a windows > > from control hosted in IE6 > > > > Hi, > > > > I have design a windows from control which contain a .OCX in one of > > its > > forms. > > Component developed in C#2005 -------- .NET2 > > Now, the control is loaded successful via IIS in my web application. > > Now when I try to load the form where the OCX is hosted: > > > > private void button2_Click(object sender, EventArgs e) > > { > > Form1 a; > > a = new Form1(); > > a.ShowDialog(); > > } > > I got an .NET Excpetion saying: > > > > System.Security.SecurityException: Request failed. > > > > ************** Exception Text ************** > > System.Security.SecurityException: Request failed. > > at System.Windows.Forms.AxHost..ctor(String clsid, Int32 flags) > > at System.Windows.Forms.AxHost..ctor(String clsid) > > at AxAcroPDFLib.AxAcroPDF..ctor() > > at WindowsControlLibrary1.Form1.InitializeComponent() > > at WindowsControlLibrary1.Form1..ctor() > > at WindowsControlLibrary1.UserControl1.button2_Click(Object sender, > > EventArgs e) > > at System.Windows.Forms.Control.OnClick(EventArgs e) > > at System.Windows.Forms.Button.OnClick(EventArgs e) > > at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent) > > at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons > > button, Int32 clicks) > > at System.Windows.Forms.Control.WndProc(Message& m) > > at System.Windows.Forms.ButtonBase.WndProc(Message& m) > > at System.Windows.Forms.Button.WndProc(Message& m) > > at > > System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m) > > at > > System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m) > > at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 > > msg, > > IntPtr wparam, IntPtr lparam) > > The action that failed was: > > Demand > > The action that failed was: > > Demand > > The type of the first permission that failed was: > > System.Security.PermissionSet > > ************** Loaded Assemblies ************** > > mscorlib > > Assembly Version: 2.0.0.0 > > Win32 Version: 2.0.50727.42 (RTM.050727-4200) > > ...................... > > > > Now the permissions for the windows from control are set to > > unrestricted. (I have Double-checked it via the framework evaluation > > permission option for assemblies persent in .NET) > > > > Tried the following in the AssemblyInfo.cs > > > > [assembly: AllowPartiallyTrustedCallers()] > > [assembly: SecurityPermissionAttribute(SecurityAction.RequestMinimum, > > Flags > > = SecurityPermissionFlag.UnmanagedCode)] > > [assembly: SecurityPermissionAttribute(SecurityAction.RequestMinimum, > > Flags > > = SecurityPermissionFlag.ControlEvidence)] > > [assembly: SecurityPermissionAttribute(SecurityAction.RequestMinimum, > > Flags > > = SecurityPermissionFlag.SkipVerification)] > > [assembly: SecurityPermissionAttribute(SecurityAction.RequestMinimum, > > Flags > > = SecurityPermissionFlag.AllFlags)] > > tried: > > > > [SecurityPermission(SecurityAction.Assert, UnmanagedCode = true)] > > [SecurityPermission(SecurityAction.Assert, ControlEvidence = true)] > > [SecurityPermission(SecurityAction.Assert, Unrestricted = true)] > > > > no luck!!!! > > > > Any idea how to run unmanged code in a window from hosted in IE6? > > > > Many Thanks, > > Filippo > > > The "Request failed" message is usually due to a failed link demand for full
trust generated because a strongly named assembly one is using (presumably the interop assembly for the OCX in this case) is not marked by APTCA. Since your control assembly has an unrestricted permission grant, you should be able to fulfill the demand by asserting an unrestricted permission set in the Form1 constructor. Show quoteHide quote "Filippo Bettinaglio" <FilippoBettinag***@discussions.microsoft.com> wrote in message news:296F4EC5-9D2D-426D-8DF1-4B2AB15E710E@microsoft.com... > Security problem running unmanaged code (.ocx control) in a windows from > control hosted in IE6 > > Hi, > > > I have design a windows from control which contain a .OCX in one of its > forms. > Component developed in C#2005 -------- .NET2 > > Now, the control is loaded successful via IIS in my web application. Now > when I try to load the form where the OCX is hosted: > > private void button2_Click(object sender, EventArgs e) > { > Form1 a; > a = new Form1(); > a.ShowDialog(); > } > > I got an .NET Excpetion saying: > > System.Security.SecurityException: Request failed. > > > ************** Exception Text ************** > System.Security.SecurityException: Request failed. > at System.Windows.Forms.AxHost..ctor(String clsid, Int32 flags) > at System.Windows.Forms.AxHost..ctor(String clsid) > at AxAcroPDFLib.AxAcroPDF..ctor() > at WindowsControlLibrary1.Form1.InitializeComponent() > at WindowsControlLibrary1.Form1..ctor() > at WindowsControlLibrary1.UserControl1.button2_Click(Object sender, > EventArgs e) > at System.Windows.Forms.Control.OnClick(EventArgs e) > at System.Windows.Forms.Button.OnClick(EventArgs e) > at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent) > at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons > button, Int32 clicks) > at System.Windows.Forms.Control.WndProc(Message& m) > at System.Windows.Forms.ButtonBase.WndProc(Message& m) > at System.Windows.Forms.Button.WndProc(Message& m) > at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& > m) > at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m) > at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, > IntPtr wparam, IntPtr lparam) > The action that failed was: > Demand > The action that failed was: > Demand > The type of the first permission that failed was: > System.Security.PermissionSet > > > ************** Loaded Assemblies ************** > mscorlib > Assembly Version: 2.0.0.0 > Win32 Version: 2.0.50727.42 (RTM.050727-4200) > > ...................... > > Now the permissions for the windows from control are set to unrestricted. > (I > have Double-checked it via the framework evaluation permission option for > assemblies persent in .NET) > > > > Tried the following in the AssemblyInfo.cs > > [assembly: AllowPartiallyTrustedCallers()] > [assembly: SecurityPermissionAttribute(SecurityAction.RequestMinimum, > Flags > = SecurityPermissionFlag.UnmanagedCode)] > [assembly: SecurityPermissionAttribute(SecurityAction.RequestMinimum, > Flags > = SecurityPermissionFlag.ControlEvidence)] > [assembly: SecurityPermissionAttribute(SecurityAction.RequestMinimum, > Flags > = SecurityPermissionFlag.SkipVerification)] > [assembly: SecurityPermissionAttribute(SecurityAction.RequestMinimum, > Flags > = SecurityPermissionFlag.AllFlags)] > > > tried: > > [SecurityPermission(SecurityAction.Assert, UnmanagedCode = true)] > [SecurityPermission(SecurityAction.Assert, ControlEvidence = true)] > [SecurityPermission(SecurityAction.Assert, Unrestricted = true)] > > > no luck!!!! > > > Any idea how to run unmanged code in a window from hosted in IE6? > > > Many Thanks, > Filippo 
Other interesting topics
.NET app on a shared directory.
How to troubleshoot 401 error when connecting using NetworkCredent if I encrypt key data why do I want or need SSL? ClickOnce and remembering permissions granted Tightening the default CAS policy How to encrypt a string with ProtectedData (.NET 2.0) JavaScience CD versus book Trying to grant full trust..... (.NET 2.0) Alternative to APTCA AllowPartiallyTrustedCallersAttribute? Rights to get Data for Crystal reports |
|||||||||||||||||||||||
