By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
440,665 Members | 1,952 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 440,665 IT Pros & Developers. It's quick & easy.

Does GridView.DataBind work under medium trust with custom objects

P: n/a
I am having problems getting a gridview to bind to custom objects under any
non-full trust level.

I created a test project to verify what I am seeing isn't a side effect of
other code in my project and I get the same errors there:

Exception Details: System.Security.SecurityException: That assembly does not
allow partially trusted callers.

[SecurityException: That assembly does not allow partially trusted callers.]
__ASP.FastObjectFactory_app_web_hkdmcy7e.Create_AS P_default_aspx() +0
System.Web.Compilation.BuildResultCompiledType.Cre ateInstance() +194

System.Web.Compilation.BuildManager.CreateInstance FromVirtualPath(VirtualPath
virtualPath, Type requiredBaseType, HttpContext context, Boolean
allowCrossApp, Boolean noAssert) +493
System.Web.UI.PageHandlerFactory.GetHandlerHelper( HttpContext context,
String requestType, VirtualPath virtualPath, String physicalPath) +306

System.Web.UI.PageHandlerFactory.System.Web.IHttpH andlerFactory2.GetHandler(HttpContext
context, String requestType, VirtualPath virtualPath, String physicalPath)
+336
System.Web.HttpApplication.MapHttpHandler(HttpCont ext context, String
requestType, VirtualPath path, String pathTranslated, Boolean useAppConfig)
+643

System.Web.MapHandlerExecutionStep.System.Web.Http Application.IExecutionStep.Execute() +279
System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean&
completedSynchronously) +444

Here is the code I have for the one page test site (using Asp.Net web
application projects).

Default.aspx:

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs"
Inherits="TestWebApp._Default" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:GridView runat="server" ID="testGrid"></asp:GridView>
</div>
</form>
</body>
</html>

Default.aspx.cs

using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

namespace TestWebApp
{
public partial class _Default : System.Web.UI.Page
{
public class MyClass
{
public MyClass()
{
name = Guid.NewGuid().ToString();
}
private string name;

public string Name
{
get { return name; }
set { name = value; }
}

}

public void Page_Load(object sender, EventArgs e)
{
testGrid.DataSource = new MyClass();
testGrid.DataBind();
}

protected void Page_PreRender(object sender, EventArgs e)
{
}
}
}

I have tried adding AllowPartiallyTrustedCallers to the assemblyinfo.cs file
for the web application, no luck.
Aug 22 '06 #1
Share this Question
Share on Google+
3 Replies


P: n/a
GridView has nothing to do with this exception. Its .Net framework that is
preventing the access.

Do you have any third party assembly involved in this dataccess process? If
so, then you need to make sure that it has correct attribute set for
Partially trusted callers. Or this assembly needs to be registered in GAC.
"Mark Leistner" <Mark Le******@discussions.microsoft.comwrote in message
news:5C**********************************@microsof t.com...
>I am having problems getting a gridview to bind to custom objects under any
non-full trust level.

I created a test project to verify what I am seeing isn't a side effect of
other code in my project and I get the same errors there:

Exception Details: System.Security.SecurityException: That assembly does
not
allow partially trusted callers.

[SecurityException: That assembly does not allow partially trusted
callers.]
__ASP.FastObjectFactory_app_web_hkdmcy7e.Create_AS P_default_aspx() +0
System.Web.Compilation.BuildResultCompiledType.Cre ateInstance() +194

System.Web.Compilation.BuildManager.CreateInstance FromVirtualPath(VirtualPath
virtualPath, Type requiredBaseType, HttpContext context, Boolean
allowCrossApp, Boolean noAssert) +493
System.Web.UI.PageHandlerFactory.GetHandlerHelper( HttpContext context,
String requestType, VirtualPath virtualPath, String physicalPath) +306

System.Web.UI.PageHandlerFactory.System.Web.IHttpH andlerFactory2.GetHandler(HttpContext
context, String requestType, VirtualPath virtualPath, String physicalPath)
+336
System.Web.HttpApplication.MapHttpHandler(HttpCont ext context, String
requestType, VirtualPath path, String pathTranslated, Boolean
useAppConfig)
+643

System.Web.MapHandlerExecutionStep.System.Web.Http Application.IExecutionStep.Execute()
+279
System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean&
completedSynchronously) +444

Here is the code I have for the one page test site (using Asp.Net web
application projects).

Default.aspx:

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs"
Inherits="TestWebApp._Default" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:GridView runat="server" ID="testGrid"></asp:GridView>
</div>
</form>
</body>
</html>

Default.aspx.cs

using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

namespace TestWebApp
{
public partial class _Default : System.Web.UI.Page
{
public class MyClass
{
public MyClass()
{
name = Guid.NewGuid().ToString();
}
private string name;

public string Name
{
get { return name; }
set { name = value; }
}

}

public void Page_Load(object sender, EventArgs e)
{
testGrid.DataSource = new MyClass();
testGrid.DataBind();
}

protected void Page_PreRender(object sender, EventArgs e)
{
}
}
}

I have tried adding AllowPartiallyTrustedCallers to the assemblyinfo.cs
file
for the web application, no luck.

Aug 22 '06 #2

P: n/a
I created another project, called TestDll and I have moved the class
definition to that file. This dll is compiled, signed and placed in the GAC.

Referencing this dll in the web application project and attempting to bind
to it causes the security error about the assembly not allowing partially
trusted callers. The dll test project does have that attribute set, as does
the web application project. The page_load event succeeds, but the
processing dies before the page_prerender event.

Also visual studio does not catch the exception, it just automatically spits
out the error:

[SecurityException: That assembly does not allow partially trusted callers.]
__ASP.FastObjectFactory_app_web_h72yepmo.Create_AS P_default_aspx() +0
System.Web.Compilation.BuildResultCompiledType.Cre ateInstance() +194

System.Web.Compilation.BuildManager.CreateInstance FromVirtualPath(VirtualPath
virtualPath, Type requiredBaseType, HttpContext context, Boolean
allowCrossApp, Boolean noAssert) +493
System.Web.UI.PageHandlerFactory.GetHandlerHelper( HttpContext context,
String requestType, VirtualPath virtualPath, String physicalPath) +306

System.Web.UI.PageHandlerFactory.System.Web.IHttpH andlerFactory2.GetHandler(HttpContext
context, String requestType, VirtualPath virtualPath, String physicalPath)
+336
System.Web.HttpApplication.MapHttpHandler(HttpCont ext context, String
requestType, VirtualPath path, String pathTranslated, Boolean useAppConfig)
+643

System.Web.MapHandlerExecutionStep.System.Web.Http Application.IExecutionStep.Execute() +279
System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean&
completedSynchronously) +444

Any ideas on what I can do to debug this further?

"Winista" wrote:
GridView has nothing to do with this exception. Its .Net framework that is
preventing the access.

Do you have any third party assembly involved in this dataccess process? If
so, then you need to make sure that it has correct attribute set for
Partially trusted callers. Or this assembly needs to be registered in GAC.
"Mark Leistner" <Mark Le******@discussions.microsoft.comwrote in message
news:5C**********************************@microsof t.com...
I am having problems getting a gridview to bind to custom objects under any
non-full trust level.

I created a test project to verify what I am seeing isn't a side effect of
other code in my project and I get the same errors there:

Exception Details: System.Security.SecurityException: That assembly does
not
allow partially trusted callers.

[SecurityException: That assembly does not allow partially trusted
callers.]
__ASP.FastObjectFactory_app_web_hkdmcy7e.Create_AS P_default_aspx() +0
System.Web.Compilation.BuildResultCompiledType.Cre ateInstance() +194

System.Web.Compilation.BuildManager.CreateInstance FromVirtualPath(VirtualPath
virtualPath, Type requiredBaseType, HttpContext context, Boolean
allowCrossApp, Boolean noAssert) +493
System.Web.UI.PageHandlerFactory.GetHandlerHelper( HttpContext context,
String requestType, VirtualPath virtualPath, String physicalPath) +306

System.Web.UI.PageHandlerFactory.System.Web.IHttpH andlerFactory2.GetHandler(HttpContext
context, String requestType, VirtualPath virtualPath, String physicalPath)
+336
System.Web.HttpApplication.MapHttpHandler(HttpCont ext context, String
requestType, VirtualPath path, String pathTranslated, Boolean
useAppConfig)
+643

System.Web.MapHandlerExecutionStep.System.Web.Http Application.IExecutionStep.Execute()
+279
System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean&
completedSynchronously) +444

Here is the code I have for the one page test site (using Asp.Net web
application projects).

Default.aspx:

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs"
Inherits="TestWebApp._Default" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:GridView runat="server" ID="testGrid"></asp:GridView>
</div>
</form>
</body>
</html>

Default.aspx.cs

using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

namespace TestWebApp
{
public partial class _Default : System.Web.UI.Page
{
public class MyClass
{
public MyClass()
{
name = Guid.NewGuid().ToString();
}
private string name;

public string Name
{
get { return name; }
set { name = value; }
}

}

public void Page_Load(object sender, EventArgs e)
{
testGrid.DataSource = new MyClass();
testGrid.DataBind();
}

protected void Page_PreRender(object sender, EventArgs e)
{
}
}
}

I have tried adding AllowPartiallyTrustedCallers to the assemblyinfo.cs
file
for the web application, no luck.


Aug 22 '06 #3

P: n/a
Well,

I got my test project working after I discovered the built in http server
was not reloading my changes automatically and I had to shut it down manually
for some reason.

In my real project I still couldn't get it working, but then I saw I was
making a call to the Microsoft AntiXSSLibrary.HtmlEncode method... which
apparently does not allow non-trusted callers.

I removed those calls (change to Server.HtmlEncode) and it appears to work.
So now I am going to try and add a wrapper dll in the gac to still allow me
to use the AntiXSSLibrary. Very interesting, I wish it would have gave a
little more information about why it was failing.

"Mark Leistner" wrote:
I created another project, called TestDll and I have moved the class
definition to that file. This dll is compiled, signed and placed in the GAC.

Referencing this dll in the web application project and attempting to bind
to it causes the security error about the assembly not allowing partially
trusted callers. The dll test project does have that attribute set, as does
the web application project. The page_load event succeeds, but the
processing dies before the page_prerender event.

Also visual studio does not catch the exception, it just automatically spits
out the error:

[SecurityException: That assembly does not allow partially trusted callers.]
__ASP.FastObjectFactory_app_web_h72yepmo.Create_AS P_default_aspx() +0
System.Web.Compilation.BuildResultCompiledType.Cre ateInstance() +194

System.Web.Compilation.BuildManager.CreateInstance FromVirtualPath(VirtualPath
virtualPath, Type requiredBaseType, HttpContext context, Boolean
allowCrossApp, Boolean noAssert) +493
System.Web.UI.PageHandlerFactory.GetHandlerHelper( HttpContext context,
String requestType, VirtualPath virtualPath, String physicalPath) +306

System.Web.UI.PageHandlerFactory.System.Web.IHttpH andlerFactory2.GetHandler(HttpContext
context, String requestType, VirtualPath virtualPath, String physicalPath)
+336
System.Web.HttpApplication.MapHttpHandler(HttpCont ext context, String
requestType, VirtualPath path, String pathTranslated, Boolean useAppConfig)
+643

System.Web.MapHandlerExecutionStep.System.Web.Http Application.IExecutionStep.Execute() +279
System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean&
completedSynchronously) +444

Any ideas on what I can do to debug this further?

"Winista" wrote:
GridView has nothing to do with this exception. Its .Net framework that is
preventing the access.

Do you have any third party assembly involved in this dataccess process? If
so, then you need to make sure that it has correct attribute set for
Partially trusted callers. Or this assembly needs to be registered in GAC.
"Mark Leistner" <Mark Le******@discussions.microsoft.comwrote in message
news:5C**********************************@microsof t.com...
>I am having problems getting a gridview to bind to custom objects under any
non-full trust level.
>
I created a test project to verify what I am seeing isn't a side effect of
other code in my project and I get the same errors there:
>
Exception Details: System.Security.SecurityException: That assembly does
not
allow partially trusted callers.
>
[SecurityException: That assembly does not allow partially trusted
callers.]
__ASP.FastObjectFactory_app_web_hkdmcy7e.Create_AS P_default_aspx() +0
System.Web.Compilation.BuildResultCompiledType.Cre ateInstance() +194
>
System.Web.Compilation.BuildManager.CreateInstance FromVirtualPath(VirtualPath
virtualPath, Type requiredBaseType, HttpContext context, Boolean
allowCrossApp, Boolean noAssert) +493
System.Web.UI.PageHandlerFactory.GetHandlerHelper( HttpContext context,
String requestType, VirtualPath virtualPath, String physicalPath) +306
>
System.Web.UI.PageHandlerFactory.System.Web.IHttpH andlerFactory2.GetHandler(HttpContext
context, String requestType, VirtualPath virtualPath, String physicalPath)
+336
System.Web.HttpApplication.MapHttpHandler(HttpCont ext context, String
requestType, VirtualPath path, String pathTranslated, Boolean
useAppConfig)
+643
>
System.Web.MapHandlerExecutionStep.System.Web.Http Application.IExecutionStep.Execute()
+279
System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean&
completedSynchronously) +444
>
Here is the code I have for the one page test site (using Asp.Net web
application projects).
>
Default.aspx:
>
<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs"
Inherits="TestWebApp._Default" %>
>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:GridView runat="server" ID="testGrid"></asp:GridView>
</div>
</form>
</body>
</html>
>
Default.aspx.cs
>
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
>
namespace TestWebApp
{
public partial class _Default : System.Web.UI.Page
{
public class MyClass
{
public MyClass()
{
name = Guid.NewGuid().ToString();
}
private string name;
>
public string Name
{
get { return name; }
set { name = value; }
}
>
}
>
public void Page_Load(object sender, EventArgs e)
{
testGrid.DataSource = new MyClass();
testGrid.DataBind();
}
>
protected void Page_PreRender(object sender, EventArgs e)
{
}
}
}
>
I have tried adding AllowPartiallyTrustedCallers to the assemblyinfo.cs
file
for the web application, no luck.
Aug 22 '06 #4

This discussion thread is closed

Replies have been disabled for this discussion.