WebConfigurationManager.GetSection in Medium Trust

Hi Roger,

Sorry for the late response. From your description you have to use medium
trust for your web application. You also want to get some information
stored in the Web.config file (Membership provider information in your
case). If my understanding is wrong please correct me.

Unfortunately, calling WebConfigurationManager.GetSection() method directly
is not allowed in medium trust. To work it around I would like to suggest
following alternatives:

1. Store data in <appSettingsin the Web.config file:
<appSettings>
<add key="setting1" value="value1"/>
</appSettings>
Then get it in your code:
string s = ConfigurationManager.AppSettings["setting1"];

2. If Web.config file is not encrypted we can read this file directly, then
use Linq to xml or XmlReader class to parse the xml. Since the Web.config
locates in the application directory it will not violate the security
restrictions listed here:
http://msdn.microsoft.com/en-us/libr...93(VS.80).aspx

Please have a try and let me know if you need further assistance.

Regards,
Allen Chen
Microsoft Online Support
Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
ms****@microsoft.com.

==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscripti...ult.aspx#notif
ications.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscripti...t/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
| Thread-Topic: WebConfigurationManager.GetSection in Medium Trust
| thread-index: Acj+HJza13XqL8JqQ/e0CUdnRNmlwA==
| X-WBNR-Posting-Host: 207.46.19.168
| From: =?Utf-8?B?Um9nZXIgTWFydGlu?= <Roger Ma****@community.nospam>
| Subject: WebConfigurationManager.GetSection in Medium Trust
| Date: Thu, 14 Aug 2008 07:47:02 -0700
| Lines: 24
| Message-ID: <0E**********************************@microsoft.co m>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.3119
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| Path: TK2MSFTNGHUB02.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl
microsoft.public.dotnet.framework.aspnet:73875
| NNTP-Posting-Host: tk2msftibfm01.phx.gbl 10.40.244.149
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
|
| Is it possible for a medium trust web application to read the Membership
| providers? The following throws a SecurityException:
|
| MembershipSection membershipSection =
(MembershipSection)WebConfigurationManager.GetSect ion("system.web/membership
");
|
| I have custom sections in my web.config where I specify
| requirePermission="false", which allows them to be read in medium trust,
but
| it does not seem possible to do this for the membership section. When I
| attempt it, like putting the following at the top of web.config...
|
| <section name="membership"
type="System.Web.Configuration.MembershipSection,
| System.Web" allowDefinition="MachineToApplication"
requirePermission="false"
| />
|
| ...I get the error "There is a duplicate 'system.web/membership' section
| defined". I understand it may be possible to get around this by editing
the
| machine-level web.config so that allowOverride="true", but this is not an
| option in my case, as I am developing a web application for wide
| distribution, and I do not want to require my users to edit the
machine-level
| web.config.
|
| Thanks,
| Roger Martin
|

Perhaps you are not aware of this, but it *is* possible to call
WebConfigurationManager.GetSection() method in medium trust.

I already do this for a new section named galleryServerPro I added to
web.config. I defined the section like this:

<configSections>
<sectionGroup name="system.web">
<section name="galleryServerPro"
type="GalleryServerPro.Configuration.GalleryServer ProConfigSettings,
GalleryServerPro.Configuration" allowDefinition="MachineToApplication"
restartOnExternalChanges="true" requirePermission="false" />
</sectionGroup>
</configSections>

Then I can access it like this:

GalleryServerProConfigSettings _alleryServerProConfigSection =
(GalleryServerProConfigSettings)System.Web.Configu ration.WebConfigurationManager.GetSection("system. web/galleryServerPro");

This works in Medium Trust. All I want to do is access the Membership
section as well.

I suspect the real answer is that, despite being able to access custom
sections, one cannot access pre-defined sections such as Membership. Can you
confirm?

Being able to access the AppSettings section does not help me access the
Membership section, so that is not a viable solution, unless of course if I
duplicate my settings in both the Membership and AppSettings section, but
that violates best practices.

It appears the only answer is to use the XmlReader class (Linq is not
available in my .NET 2.0 app). If you have any sample code that shows how to
access the Membership section this way, I would really appreciate it,
otherwise I can probably muddle through it on my own.

Thanks,
Roger

Hi Roger,
==================================================
'¡*. despite being able to access custom
sections, one cannot access pre-defined sections such as Membership. Can
you
confirm?'
==================================================
Sorry that my statement is not very clear. In medium trust, by default,
it's only allowed to access the section defined in the Web.config file that
is in the application directory. It's not allowed to read the configuration
settings in the machine.config file. Since the membership section is
defined in the machine.config it violates the security policy when calling
WebConfigurationManager.GetSection("system.web/membership").

==================================================
'¡*.the only answer is to use the XmlReader class (Linq is not
available in my .NET 2.0 app). If you have any sample code that shows how
to
access the Membership section this way, I would really appreciate it'
==================================================
To use XmlReader to read the Web.config file you can try this:
string xml = "";

using (FileStream fs = new
FileStream(Server.MapPath("Web.config"), FileMode.Open, FileAccess.Read,
FileShare.Read)) {
using (StreamReader sr = new StreamReader(fs)) {
XmlReader r = XmlReader.Create(sr);
while (r.Read()) {
if (r.Name == "membership")
{
xml= r.ReadInnerXml();
break;
}
}
}
}
Response.Write(HttpUtility.HtmlEncode( xml));

Please have a try and feel free to let me know if you need further
assistance.

Regards,
Allen Chen
Microsoft Online Support

--------------------
| Thread-Topic: WebConfigurationManager.GetSection in Medium Trust
| thread-index: AckC1QDYNcXdV3e4RtijJ2mqnWrX/A==
| X-WBNR-Posting-Host: 207.46.19.168
| From: =?Utf-8?B?Um9nZXIgTWFydGlu?= <Roger Ma****@community.nospam>
| References: <0E**********************************@microsoft.co m>
<AG**************@TK2MSFTNGHUB02.phx.gbl>
| Subject: RE: WebConfigurationManager.GetSection in Medium Trust
| Date: Wed, 20 Aug 2008 07:57:02 -0700
| Lines: 40
| Message-ID: <18**********************************@microsoft.co m>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.3119
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| Path: TK2MSFTNGHUB02.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl
microsoft.public.dotnet.framework.aspnet:74316
| NNTP-Posting-Host: tk2msftibfm01.phx.gbl 10.40.244.149
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
|
| Perhaps you are not aware of this, but it *is* possible to call
| WebConfigurationManager.GetSection() method in medium trust.
|
| I already do this for a new section named galleryServerPro I added to
| web.config. I defined the section like this:
|
| <configSections>
| <sectionGroup name="system.web">
| <section name="galleryServerPro"
| type="GalleryServerPro.Configuration.GalleryServer ProConfigSettings,
| GalleryServerPro.Configuration" allowDefinition="MachineToApplication"
| restartOnExternalChanges="true" requirePermission="false" />
| </sectionGroup>
| </configSections>
|
| Then I can access it like this:
|
| GalleryServerProConfigSettings _alleryServerProConfigSection =
|
(GalleryServerProConfigSettings)System.Web.Configu ration.WebConfigurationMan
ager.GetSection("system.web/galleryServerPro");
|
| This works in Medium Trust. All I want to do is access the Membership
| section as well.
|
| I suspect the real answer is that, despite being able to access custom
| sections, one cannot access pre-defined sections such as Membership. Can
you
| confirm?
|
| Being able to access the AppSettings section does not help me access the
| Membership section, so that is not a viable solution, unless of course if
I
| duplicate my settings in both the Membership and AppSettings section, but
| that violates best practices.
|
| It appears the only answer is to use the XmlReader class (Linq is not
| available in my .NET 2.0 app). If you have any sample code that shows how
to
| access the Membership section this way, I would really appreciate it,
| otherwise I can probably muddle through it on my own.
|
| Thanks,
| Roger
|
|

Thanks for confirming that. And thanks also for the XmlReader sample code.
That is exactly what I needed, and I am back in the ballgame now.

Cheers,
Roger Martin

"Allen Chen [MSFT]" wrote:

To use XmlReader to read the Web.config file you can try this:
string xml = "";

using (FileStream fs = new
FileStream(Server.MapPath("Web.config"), FileMode.Open, FileAccess.Read,
FileShare.Read)) {
using (StreamReader sr = new StreamReader(fs)) {
XmlReader r = XmlReader.Create(sr);
while (r.Read()) {
if (r.Name == "membership")
{
xml= r.ReadInnerXml();
break;
}
}
}
}
Response.Write(HttpUtility.HtmlEncode( xml));