By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
435,154 Members | 1,031 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 435,154 IT Pros & Developers. It's quick & easy.

System.Security.SecurityException: Request

P: n/a

I am trying to understand the following error:
Any thing you can tell me about this is appreciated.

Security Exception
Description: The application attempted to perform an operation not allowed
by the security policy. To grant this application the required permission
please contact your system administrator or change the application's trust
level in the configuration file.

Exception Details: for the permission of type
'System.Security.Permissions.EnvironmentPermission , mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Source Error:
Line 45:
Line 46: //create the smtp client
Line 47: SmtpClient _smtp = new SmtpClient("mrelay.perfora.net");
Line 48: _smtp.DeliveryMethod = SmtpDeliveryMethod.Network;
Line 49: try

Source File: e:\kunden\homepages\34\d252335749\comments.aspx.cs Line: 47

Stack Trace:
[SecurityException: Request for the permission of type
'System.Security.Permissions.EnvironmentPermission , mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.]
System.Security.CodeAccessSecurityEngine.Check(Obj ect demand,
StackCrawlMark& stackMark, Boolean isPermSet) +0
System.Security.CodeAccessPermission.Demand() +59
System.Net.CredentialCache.get_DefaultCredentials( ) +59
System.Net.Configuration.SmtpNetworkElementInterna l..ctor(SmtpNetworkElement
element) +55
System.Net.Configuration.SmtpSectionInternal..ctor (SmtpSection section)
+65
System.Net.Configuration.SmtpSectionInternal.GetSe ction() +173
System.Net.Mail.SmtpClient.get_MailConfiguration() +45
System.Net.Mail.SmtpClient.Initialize() +223
System.Net.Mail.SmtpClient..ctor(String host) +162
comments.contactUS_Click(Object sender, EventArgs e) in
e:\kunden\homepages\34\d252335749\comments.aspx.cs :47
System.Web.UI.WebControls.Button.OnClick(EventArgs e) +105
System.Web.UI.WebControls.Button.RaisePostBackEven t(String eventArgument)
+107
System.Web.UI.WebControls.Button.System.Web.UI.IPo stBackEventHandler.RaisePostBackEvent(String
eventArgument) +7
System.Web.UI.Page.RaisePostBackEvent(IPostBackEve ntHandler
sourceControl, String eventArgument) +11
System.Web.UI.Page.RaisePostBackEvent(NameValueCol lection postData) +33
System.Web.UI.Page.ProcessRequestMain(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +7350
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint,
Boolean includeStagesAfterAsyncPoint) +213
System.Web.UI.Page.ProcessRequest() +86
System.Web.UI.Page.ProcessRequestWithNoAssert(Http Context context) +18
System.Web.UI.Page.ProcessRequest(HttpContext context) +49
ASP.comments_aspx.ProcessRequest(HttpContext context) in
App_Web_xytww0yg.0.cs:0
System.Web.CallHandlerExecutionStep.System.Web.Htt pApplication.IExecutionStep.Execute()
+358
System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean&
completedSynchronously) +64
When I did a Google search I came up with the following url and explanation:

http://support.microsoft.com/kb/814741

CAUSE
The System.Security.Permissions.EnvironmentPermission class in Mscorlib.dll
controls the access to the user environment variables.
SystemInformation.UserName in the application requests the permission from
the EnvironmentPermission class to access the UserName environment variable.
However, in the Local Intranet zone, System.Windows.Forms does not have
permissions to access the Windows user name, and the request is not served
by Mscorlib.dll. Therefore, a security exception is raised when you run the
application.

The problem with this is that the code they give you to test with is linked
to Windows Forms;

//display the UserName currently logged
Console.WriteLine(System.Environment.UserName);
Console.ReadLine();

Even if I set this to Response.Write( ... ); System.Environment.UserName is
not available in a remote web environment.

The following is code from my web.config file. I have disguised my userID
and Password.

<system.net>
<mailSettings>
<smtp deliveryMethod="Network">
<!-- The <networknode supports the following properties, but we won't
use all of them
<network host="127.0.0.1" port="25" userName="myUserName"
password="OpenSesame" defaultCredentials="true" />
-->

<network host="mrelay.perfora.net" userName="in**@mydomain.org"
password="mypwd" defaultCredentials="true"/>
</smtp>
</mailSettings>
</system.net>

The following is the click event function that triggers the error code; it
is linked to a submit button on the form:

protected void contactUS_Click(object sender, EventArgs e)
{
//Things to Do:
// Validate form fields:
// Name field should be letters and spaces only. Can't be blank or
only spaces.
// Phone field may have () - spaces and digits
// email address must be properly formatted.
// Eventually I would like to add a check for domain validity
// After edits I need to create the message
//String from_addr = new String(FindControl("email").ToString());
MailAddress _from = new MailAddress("in**@mydomain.org");
MailAddress _sender = new MailAddress("in**@mydomain.org");
MailAddress _to = new MailAddress("we*******@mydomain.org");
MailMessage msg = new MailMessage(_from,_to);
msg.Sender = _sender;
msg.Subject = "Feedback from Comments Form";
StringBuilder sbuilder = new StringBuilder();
//Build string for message body
sbuilder.AppendLine("Senders IP Address: " +
Request.ServerVariables["remote_addr"].ToString());
sbuilder.AppendLine("Name: " +
comments_form.Controls[0].ToString());
sbuilder.AppendLine("Email: " +
comments_form.Controls[1].ToString());
sbuilder.AppendLine("Phone: " +
comments_form.Controls[2].ToString());
sbuilder.AppendLine("Message: " +
comments_form.Controls[3].ToString());
//assign string value to message body
msg.Body = sbuilder.ToString();

//create the smtp client

SmtpClient _smtp = new SmtpClient("mrelay.perfora.net");
_smtp.DeliveryMethod = SmtpDeliveryMethod.Network;

try
{
_smtp.Send(msg);

}
catch (ArgumentNullException )
{
Response.Write("Argument Null Exception");
}
catch (ArgumentOutOfRangeException )
{
Response.Write("Argument out of Range Exception");
}
catch (SmtpException )
{
Response.Write("SMTP Exception");
}
catch
{
Response.Write("Something else happened");
}

}

The following is the web page form that I am dealing with:

<asp:panel id="panelSendEmail" runat="server">
<form id="comments_form" action="comments.aspx" runat="server"
onsubmit="return jcap();" >

<p>If you would like to make a comment about the anything
that you see on our web site
or ask a question, then please feel free to use this
comments form.</p>

<b>Your Name :</b><br/>
<input id="name" type="text" size="30" maxlength="256"
name="Senders_Name"/>
<p></p>

<b>Your E-Mail Address :</b><br/>
<input id="email" type="text" size="30" maxlength="80"
name="_reply"
onblur="return isValidEmail(email, true)"/>

<p></p>
<b>Your Phone Number:</b><br/>
<input id="phone"type="text" size="15" maxlength="15"
name="Phone"/>
<p></p>

<b>Your Comments :</b><br/>
<textarea id="message" name="Senders_Comments" rows="6"
cols="60"></textarea>
<p></p>
<p>Please enter the word that you see in the image </p>
<p><script type="text/javascript">sjcap();</script></p>
<noscript><p>[This resource requires a Javascript enabled
browser.]</p></noscript>
<asp:button runat="server" id="contact_us" Text="Submit"
OnClick="contactUS_Click" />
<input type="reset" value="Reset"/>
</form>
</asp:panel>

<asp:panel id="panelMailSent" runat="server" Visible="False">
Thank you for your comments.
</asp:panel>

Aug 16 '08 #1
Share this Question
Share on Google+
5 Replies


P: n/a
The worker process running your application does not have permission to read
the environment variable. I think you know this part. What I don't
understand is what it is happening A couple of questions. Is this a web app
or windows app? You can fix this easy with an appropriate CAS policy but I'd
recommend you figure out what is going wrong first.

--

Regards,
Alvin Bruney [MVP ASP.NET]

[Shameless Author plug]
Download OWC Black Book, 2nd Edition
Exclusively on www.lulu.com/owc $15.00
Need a free copy of VSTS 2008 w/ MSDN Premium?
http://msmvps.com/blogs/alvin/Default.aspx
-------------------------------------------------------
"Henry Stock" <he***@henry-stock.comwrote in message
news:#l**************@TK2MSFTNGP02.phx.gbl...
>
I am trying to understand the following error:
Any thing you can tell me about this is appreciated.

Security Exception
Description: The application attempted to perform an operation not allowed
by the security policy. To grant this application the required permission
please contact your system administrator or change the application's trust
level in the configuration file.

Exception Details: for the permission of type
'System.Security.Permissions.EnvironmentPermission , mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Source Error:
Line 45:
Line 46: //create the smtp client
Line 47: SmtpClient _smtp = new SmtpClient("mrelay.perfora.net");
Line 48: _smtp.DeliveryMethod = SmtpDeliveryMethod.Network;
Line 49: try

Source File: e:\kunden\homepages\34\d252335749\comments.aspx.cs Line:
47

Stack Trace:
[SecurityException: Request for the permission of type
'System.Security.Permissions.EnvironmentPermission , mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'
failed.]
System.Security.CodeAccessSecurityEngine.Check(Obj ect demand,
StackCrawlMark& stackMark, Boolean isPermSet) +0
System.Security.CodeAccessPermission.Demand() +59
System.Net.CredentialCache.get_DefaultCredentials( ) +59

System.Net.Configuration.SmtpNetworkElementInterna l..ctor(SmtpNetworkElement
element) +55
System.Net.Configuration.SmtpSectionInternal..ctor (SmtpSection section)
+65
System.Net.Configuration.SmtpSectionInternal.GetSe ction() +173
System.Net.Mail.SmtpClient.get_MailConfiguration() +45
System.Net.Mail.SmtpClient.Initialize() +223
System.Net.Mail.SmtpClient..ctor(String host) +162
comments.contactUS_Click(Object sender, EventArgs e) in
e:\kunden\homepages\34\d252335749\comments.aspx.cs :47
System.Web.UI.WebControls.Button.OnClick(EventArgs e) +105
System.Web.UI.WebControls.Button.RaisePostBackEven t(String
eventArgument) +107

System.Web.UI.WebControls.Button.System.Web.UI.IPo stBackEventHandler.RaisePostBackEvent(String
eventArgument) +7
System.Web.UI.Page.RaisePostBackEvent(IPostBackEve ntHandler
sourceControl, String eventArgument) +11
System.Web.UI.Page.RaisePostBackEvent(NameValueCol lection postData) +33
System.Web.UI.Page.ProcessRequestMain(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +7350
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint,
Boolean includeStagesAfterAsyncPoint) +213
System.Web.UI.Page.ProcessRequest() +86
System.Web.UI.Page.ProcessRequestWithNoAssert(Http Context context) +18
System.Web.UI.Page.ProcessRequest(HttpContext context) +49
ASP.comments_aspx.ProcessRequest(HttpContext context) in
App_Web_xytww0yg.0.cs:0

System.Web.CallHandlerExecutionStep.System.Web.Htt pApplication.IExecutionStep.Execute()
+358
System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean&
completedSynchronously) +64
When I did a Google search I came up with the following url and
explanation:

http://support.microsoft.com/kb/814741

CAUSE
The System.Security.Permissions.EnvironmentPermission class in
Mscorlib.dll controls the access to the user environment variables.
SystemInformation.UserName in the application requests the permission from
the EnvironmentPermission class to access the UserName environment
variable. However, in the Local Intranet zone, System.Windows.Forms does
not have permissions to access the Windows user name, and the request is
not served by Mscorlib.dll. Therefore, a security exception is raised when
you run the application.

The problem with this is that the code they give you to test with is
linked to Windows Forms;

//display the UserName currently logged
Console.WriteLine(System.Environment.UserName);
Console.ReadLine();

Even if I set this to Response.Write( ... ); System.Environment.UserName
is not available in a remote web environment.

The following is code from my web.config file. I have disguised my userID
and Password.

<system.net>
<mailSettings>
<smtp deliveryMethod="Network">
<!-- The <networknode supports the following properties, but we won't
use all of them
<network host="127.0.0.1" port="25" userName="myUserName"
password="OpenSesame" defaultCredentials="true" />
-->

<network host="mrelay.perfora.net" userName="in**@mydomain.org"
password="mypwd" defaultCredentials="true"/>
</smtp>
</mailSettings>
</system.net>

The following is the click event function that triggers the error code; it
is linked to a submit button on the form:

protected void contactUS_Click(object sender, EventArgs e)
{
//Things to Do:
// Validate form fields:
// Name field should be letters and spaces only. Can't be blank or
only spaces.
// Phone field may have () - spaces and digits
// email address must be properly formatted.
// Eventually I would like to add a check for domain validity
// After edits I need to create the message
//String from_addr = new String(FindControl("email").ToString());
MailAddress _from = new MailAddress("in**@mydomain.org");
MailAddress _sender = new MailAddress("in**@mydomain.org");
MailAddress _to = new MailAddress("we*******@mydomain.org");
MailMessage msg = new MailMessage(_from,_to);
msg.Sender = _sender;
msg.Subject = "Feedback from Comments Form";
StringBuilder sbuilder = new StringBuilder();
//Build string for message body
sbuilder.AppendLine("Senders IP Address: " +
Request.ServerVariables["remote_addr"].ToString());
sbuilder.AppendLine("Name: " +
comments_form.Controls[0].ToString());
sbuilder.AppendLine("Email: " +
comments_form.Controls[1].ToString());
sbuilder.AppendLine("Phone: " +
comments_form.Controls[2].ToString());
sbuilder.AppendLine("Message: " +
comments_form.Controls[3].ToString());
//assign string value to message body
msg.Body = sbuilder.ToString();

//create the smtp client

SmtpClient _smtp = new SmtpClient("mrelay.perfora.net");
_smtp.DeliveryMethod = SmtpDeliveryMethod.Network;

try
{
_smtp.Send(msg);

}
catch (ArgumentNullException )
{
Response.Write("Argument Null Exception");
}
catch (ArgumentOutOfRangeException )
{
Response.Write("Argument out of Range Exception");
}
catch (SmtpException )
{
Response.Write("SMTP Exception");
}
catch
{
Response.Write("Something else happened");
}

}

The following is the web page form that I am dealing with:

<asp:panel id="panelSendEmail" runat="server">
<form id="comments_form" action="comments.aspx" runat="server"
onsubmit="return jcap();" >

<p>If you would like to make a comment about the anything
that you see on our web site
or ask a question, then please feel free to use this
comments form.</p>

<b>Your Name :</b><br/>
<input id="name" type="text" size="30" maxlength="256"
name="Senders_Name"/>
<p></p>

<b>Your E-Mail Address :</b><br/>
<input id="email" type="text" size="30" maxlength="80"
name="_reply"
onblur="return isValidEmail(email, true)"/>

<p></p>
<b>Your Phone Number:</b><br/>
<input id="phone"type="text" size="15" maxlength="15"
name="Phone"/>
<p></p>

<b>Your Comments :</b><br/>
<textarea id="message" name="Senders_Comments" rows="6"
cols="60"></textarea>
<p></p>
<p>Please enter the word that you see in the image </p>
<p><script type="text/javascript">sjcap();</script></p>
<noscript><p>[This resource requires a Javascript enabled
browser.]</p></noscript>
<asp:button runat="server" id="contact_us" Text="Submit"
OnClick="contactUS_Click" />
<input type="reset" value="Reset"/>
</form>
</asp:panel>

<asp:panel id="panelMailSent" runat="server" Visible="False">
Thank you for your comments.
</asp:panel>
Aug 16 '08 #2

P: n/a
This is definitely a web application and this is what I am getting on their
server.

In my test evironment I am getting an SmtpException at the point of sending
the message, but this may be because my local server does not have
appropriate access to the remote mail forwarder. I know that the user ID
and password I am using in my web.config are valid. My ISP told me to use
the server specified in code. The one I use for my normal mail client is
"smtp.1and1.com".

What is a CAS policy? Can I set this up in code or do I have to get my ISP
involved?

"Alvin Bruney [ASP.NET MVP]" <vapor dan using hot male spam filterwrote in
message news:B4**********************************@microsof t.com...
The worker process running your application does not have permission to
read the environment variable. I think you know this part. What I don't
understand is what it is happening A couple of questions. Is this a web
app or windows app? You can fix this easy with an appropriate CAS policy
but I'd recommend you figure out what is going wrong first.

--

Regards,
Alvin Bruney [MVP ASP.NET]

[Shameless Author plug]
Download OWC Black Book, 2nd Edition
Exclusively on www.lulu.com/owc $15.00
Need a free copy of VSTS 2008 w/ MSDN Premium?
http://msmvps.com/blogs/alvin/Default.aspx
-------------------------------------------------------
"Henry Stock" <he***@henry-stock.comwrote in message
news:#l**************@TK2MSFTNGP02.phx.gbl...
>>
I am trying to understand the following error:
Any thing you can tell me about this is appreciated.

Security Exception
Description: The application attempted to perform an operation not
allowed by the security policy. To grant this application the required
permission please contact your system administrator or change the
application's trust level in the configuration file.

Exception Details: for the permission of type
'System.Security.Permissions.EnvironmentPermissio n, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'
failed.

Source Error:
Line 45:
Line 46: //create the smtp client
Line 47: SmtpClient _smtp = new SmtpClient("mrelay.perfora.net");
Line 48: _smtp.DeliveryMethod = SmtpDeliveryMethod.Network;
Line 49: try

Source File: e:\kunden\homepages\34\d252335749\comments.aspx.cs Line:
47

Stack Trace:
[SecurityException: Request for the permission of type
'System.Security.Permissions.EnvironmentPermissio n, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'
failed.]
System.Security.CodeAccessSecurityEngine.Check(Obj ect demand,
StackCrawlMark& stackMark, Boolean isPermSet) +0
System.Security.CodeAccessPermission.Demand() +59
System.Net.CredentialCache.get_DefaultCredentials( ) +59

System.Net.Configuration.SmtpNetworkElementIntern al..ctor(SmtpNetworkElement
element) +55
System.Net.Configuration.SmtpSectionInternal..ctor (SmtpSection section)
+65
System.Net.Configuration.SmtpSectionInternal.GetSe ction() +173
System.Net.Mail.SmtpClient.get_MailConfiguration() +45
System.Net.Mail.SmtpClient.Initialize() +223
System.Net.Mail.SmtpClient..ctor(String host) +162
comments.contactUS_Click(Object sender, EventArgs e) in
e:\kunden\homepages\34\d252335749\comments.aspx.c s:47
System.Web.UI.WebControls.Button.OnClick(EventArgs e) +105
System.Web.UI.WebControls.Button.RaisePostBackEven t(String
eventArgument) +107

System.Web.UI.WebControls.Button.System.Web.UI.IP ostBackEventHandler.RaisePostBackEvent(String
eventArgument) +7
System.Web.UI.Page.RaisePostBackEvent(IPostBackEve ntHandler
sourceControl, String eventArgument) +11
System.Web.UI.Page.RaisePostBackEvent(NameValueCol lection postData) +33
System.Web.UI.Page.ProcessRequestMain(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
+7350
System.Web.UI.Page.ProcessRequest(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +213
System.Web.UI.Page.ProcessRequest() +86
System.Web.UI.Page.ProcessRequestWithNoAssert(Http Context context) +18
System.Web.UI.Page.ProcessRequest(HttpContext context) +49
ASP.comments_aspx.ProcessRequest(HttpContext context) in
App_Web_xytww0yg.0.cs:0

System.Web.CallHandlerExecutionStep.System.Web.Ht tpApplication.IExecutionStep.Execute()
+358
System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean&
completedSynchronously) +64
When I did a Google search I came up with the following url and
explanation:

http://support.microsoft.com/kb/814741

CAUSE
The System.Security.Permissions.EnvironmentPermission class in
Mscorlib.dll controls the access to the user environment variables.
SystemInformation.UserName in the application requests the permission
from the EnvironmentPermission class to access the UserName environment
variable. However, in the Local Intranet zone, System.Windows.Forms does
not have permissions to access the Windows user name, and the request is
not served by Mscorlib.dll. Therefore, a security exception is raised
when you run the application.

The problem with this is that the code they give you to test with is
linked to Windows Forms;

//display the UserName currently logged
Console.WriteLine(System.Environment.UserName);
Console.ReadLine();

Even if I set this to Response.Write( ... ); System.Environment.UserName
is not available in a remote web environment.

The following is code from my web.config file. I have disguised my
userID and Password.

<system.net>
<mailSettings>
<smtp deliveryMethod="Network">
<!-- The <networknode supports the following properties, but we won't
use all of them
<network host="127.0.0.1" port="25" userName="myUserName"
password="OpenSesame" defaultCredentials="true" />
-->

<network host="mrelay.perfora.net" userName="in**@mydomain.org"
password="mypwd" defaultCredentials="true"/>
</smtp>
</mailSettings>
</system.net>

The following is the click event function that triggers the error code;
it is linked to a submit button on the form:

protected void contactUS_Click(object sender, EventArgs e)
{
//Things to Do:
// Validate form fields:
// Name field should be letters and spaces only. Can't be blank or
only spaces.
// Phone field may have () - spaces and digits
// email address must be properly formatted.
// Eventually I would like to add a check for domain validity
// After edits I need to create the message
//String from_addr = new String(FindControl("email").ToString());
MailAddress _from = new MailAddress("in**@mydomain.org");
MailAddress _sender = new MailAddress("in**@mydomain.org");
MailAddress _to = new MailAddress("we*******@mydomain.org");
MailMessage msg = new MailMessage(_from,_to);
msg.Sender = _sender;
msg.Subject = "Feedback from Comments Form";
StringBuilder sbuilder = new StringBuilder();
//Build string for message body
sbuilder.AppendLine("Senders IP Address: " +
Request.ServerVariables["remote_addr"].ToString());
sbuilder.AppendLine("Name: " +
comments_form.Controls[0].ToString());
sbuilder.AppendLine("Email: " +
comments_form.Controls[1].ToString());
sbuilder.AppendLine("Phone: " +
comments_form.Controls[2].ToString());
sbuilder.AppendLine("Message: " +
comments_form.Controls[3].ToString());
//assign string value to message body
msg.Body = sbuilder.ToString();

//create the smtp client

SmtpClient _smtp = new SmtpClient("mrelay.perfora.net");
_smtp.DeliveryMethod = SmtpDeliveryMethod.Network;

try
{
_smtp.Send(msg);

}
catch (ArgumentNullException )
{
Response.Write("Argument Null Exception");
}
catch (ArgumentOutOfRangeException )
{
Response.Write("Argument out of Range Exception");
}
catch (SmtpException )
{
Response.Write("SMTP Exception");
}
catch
{
Response.Write("Something else happened");
}

}

The following is the web page form that I am dealing with:

<asp:panel id="panelSendEmail" runat="server">
<form id="comments_form" action="comments.aspx" runat="server"
onsubmit="return jcap();" >

<p>If you would like to make a comment about the anything
that you see on our web site
or ask a question, then please feel free to use this
comments form.</p>

<b>Your Name :</b><br/>
<input id="name" type="text" size="30" maxlength="256"
name="Senders_Name"/>
<p></p>

<b>Your E-Mail Address :</b><br/>
<input id="email" type="text" size="30" maxlength="80"
name="_reply"
onblur="return isValidEmail(email, true)"/>

<p></p>
<b>Your Phone Number:</b><br/>
<input id="phone"type="text" size="15" maxlength="15"
name="Phone"/>
<p></p>

<b>Your Comments :</b><br/>
<textarea id="message" name="Senders_Comments" rows="6"
cols="60"></textarea>
<p></p>
<p>Please enter the word that you see in the image </p>
<p><script type="text/javascript">sjcap();</script></p>
<noscript><p>[This resource requires a Javascript enabled
browser.]</p></noscript>
<asp:button runat="server" id="contact_us" Text="Submit"
OnClick="contactUS_Click" />
<input type="reset" value="Reset"/>
</form>
</asp:panel>

<asp:panel id="panelMailSent" runat="server" Visible="False">
Thank you for your comments.
</asp:panel>

Aug 17 '08 #3

P: n/a
Get your ISP to turn CAS policy off on the server while you test. If the
problem goes away, you have to create a CAS policy to grant your code the
appropriate permission. If turning off CAS policy doesn't work, roll up your
sleeves because it will be a long night.

caspol -s off

I still don't really understand why you are getting this error. I also don't
recognize your code, smtp client takes two parameters, is this a custom smtp
class you created? In any case, you may be able to use this code to patch it
http://msdn.microsoft.com/en-us/libr...ermission.aspx
however, it leads me to believe something changed in the framework. Can you
tell me what version of the .net framework you are running? I'm missing
something here.
--

Regards,
Alvin Bruney [MVP ASP.NET]

[Shameless Author plug]
Download OWC Black Book, 2nd Edition
Exclusively on www.lulu.com/owc $15.00
Need a free copy of VSTS 2008 w/ MSDN Premium?
http://msmvps.com/blogs/alvin/Default.aspx
-------------------------------------------------------
"Henry Stock" <he***@henry-stock.comwrote in message
news:Oe**************@TK2MSFTNGP02.phx.gbl...
This is definitely a web application and this is what I am getting on
their server.

In my test evironment I am getting an SmtpException at the point of
sending the message, but this may be because my local server does not have
appropriate access to the remote mail forwarder. I know that the user ID
and password I am using in my web.config are valid. My ISP told me to use
the server specified in code. The one I use for my normal mail client is
"smtp.1and1.com".

What is a CAS policy? Can I set this up in code or do I have to get my
ISP involved?

"Alvin Bruney [ASP.NET MVP]" <vapor dan using hot male spam filterwrote
in message news:B4**********************************@microsof t.com...
>The worker process running your application does not have permission to
read the environment variable. I think you know this part. What I don't
understand is what it is happening A couple of questions. Is this a web
app or windows app? You can fix this easy with an appropriate CAS policy
but I'd recommend you figure out what is going wrong first.

--

Regards,
Alvin Bruney [MVP ASP.NET]

[Shameless Author plug]
Download OWC Black Book, 2nd Edition
Exclusively on www.lulu.com/owc $15.00
Need a free copy of VSTS 2008 w/ MSDN Premium?
http://msmvps.com/blogs/alvin/Default.aspx
-------------------------------------------------------
"Henry Stock" <he***@henry-stock.comwrote in message
news:#l**************@TK2MSFTNGP02.phx.gbl...
>>>
I am trying to understand the following error:
Any thing you can tell me about this is appreciated.

Security Exception
Description: The application attempted to perform an operation not
allowed by the security policy. To grant this application the required
permission please contact your system administrator or change the
application's trust level in the configuration file.

Exception Details: for the permission of type
'System.Security.Permissions.EnvironmentPermissi on, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'
failed.

Source Error:
Line 45:
Line 46: //create the smtp client
Line 47: SmtpClient _smtp = new
SmtpClient("mrelay.perfora.net");
Line 48: _smtp.DeliveryMethod = SmtpDeliveryMethod.Network;
Line 49: try

Source File: e:\kunden\homepages\34\d252335749\comments.aspx.cs Line:
47

Stack Trace:
[SecurityException: Request for the permission of type
'System.Security.Permissions.EnvironmentPermissi on, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'
failed.]
System.Security.CodeAccessSecurityEngine.Check(Obj ect demand,
StackCrawlMark& stackMark, Boolean isPermSet) +0
System.Security.CodeAccessPermission.Demand() +59
System.Net.CredentialCache.get_DefaultCredentials( ) +59

System.Net.Configuration.SmtpNetworkElementInter nal..ctor(SmtpNetworkElement
element) +55
System.Net.Configuration.SmtpSectionInternal..ctor (SmtpSection
section) +65
System.Net.Configuration.SmtpSectionInternal.GetSe ction() +173
System.Net.Mail.SmtpClient.get_MailConfiguration() +45
System.Net.Mail.SmtpClient.Initialize() +223
System.Net.Mail.SmtpClient..ctor(String host) +162
comments.contactUS_Click(Object sender, EventArgs e) in
e:\kunden\homepages\34\d252335749\comments.aspx. cs:47
System.Web.UI.WebControls.Button.OnClick(EventArgs e) +105
System.Web.UI.WebControls.Button.RaisePostBackEven t(String
eventArgument) +107

System.Web.UI.WebControls.Button.System.Web.UI.I PostBackEventHandler.RaisePostBackEvent(String
eventArgument) +7
System.Web.UI.Page.RaisePostBackEvent(IPostBackEve ntHandler
sourceControl, String eventArgument) +11
System.Web.UI.Page.RaisePostBackEvent(NameValueCol lection postData)
+33
System.Web.UI.Page.ProcessRequestMain(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
+7350
System.Web.UI.Page.ProcessRequest(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
+213
System.Web.UI.Page.ProcessRequest() +86
System.Web.UI.Page.ProcessRequestWithNoAssert(Http Context context) +18
System.Web.UI.Page.ProcessRequest(HttpContext context) +49
ASP.comments_aspx.ProcessRequest(HttpContext context) in
App_Web_xytww0yg.0.cs:0

System.Web.CallHandlerExecutionStep.System.Web.H ttpApplication.IExecutionStep.Execute()
+358
System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean&
completedSynchronously) +64
When I did a Google search I came up with the following url and
explanation:

http://support.microsoft.com/kb/814741

CAUSE
The System.Security.Permissions.EnvironmentPermission class in
Mscorlib.dll controls the access to the user environment variables.
SystemInformation.UserName in the application requests the permission
from the EnvironmentPermission class to access the UserName environment
variable. However, in the Local Intranet zone, System.Windows.Forms does
not have permissions to access the Windows user name, and the request is
not served by Mscorlib.dll. Therefore, a security exception is raised
when you run the application.

The problem with this is that the code they give you to test with is
linked to Windows Forms;

//display the UserName currently logged
Console.WriteLine(System.Environment.UserName);
Console.ReadLine();

Even if I set this to Response.Write( ... );
System.Environment.UserName is not available in a remote web
environment.

The following is code from my web.config file. I have disguised my
userID and Password.

<system.net>
<mailSettings>
<smtp deliveryMethod="Network">
<!-- The <networknode supports the following properties, but we
won't use all of them
<network host="127.0.0.1" port="25" userName="myUserName"
password="OpenSesame" defaultCredentials="true" />
-->

<network host="mrelay.perfora.net" userName="in**@mydomain.org"
password="mypwd" defaultCredentials="true"/>
</smtp>
</mailSettings>
</system.net>

The following is the click event function that triggers the error code;
it is linked to a submit button on the form:

protected void contactUS_Click(object sender, EventArgs e)
{
//Things to Do:
// Validate form fields:
// Name field should be letters and spaces only. Can't be blank
or only spaces.
// Phone field may have () - spaces and digits
// email address must be properly formatted.
// Eventually I would like to add a check for domain validity
// After edits I need to create the message
//String from_addr = new String(FindControl("email").ToString());
MailAddress _from = new MailAddress("in**@mydomain.org");
MailAddress _sender = new MailAddress("in**@mydomain.org");
MailAddress _to = new MailAddress("we*******@mydomain.org");
MailMessage msg = new MailMessage(_from,_to);
msg.Sender = _sender;
msg.Subject = "Feedback from Comments Form";
StringBuilder sbuilder = new StringBuilder();
//Build string for message body
sbuilder.AppendLine("Senders IP Address: " +
Request.ServerVariables["remote_addr"].ToString());
sbuilder.AppendLine("Name: " +
comments_form.Controls[0].ToString());
sbuilder.AppendLine("Email: " +
comments_form.Controls[1].ToString());
sbuilder.AppendLine("Phone: " +
comments_form.Controls[2].ToString());
sbuilder.AppendLine("Message: " +
comments_form.Controls[3].ToString());
//assign string value to message body
msg.Body = sbuilder.ToString();

//create the smtp client

SmtpClient _smtp = new SmtpClient("mrelay.perfora.net");
_smtp.DeliveryMethod = SmtpDeliveryMethod.Network;

try
{
_smtp.Send(msg);

}
catch (ArgumentNullException )
{
Response.Write("Argument Null Exception");
}
catch (ArgumentOutOfRangeException )
{
Response.Write("Argument out of Range Exception");
}
catch (SmtpException )
{
Response.Write("SMTP Exception");
}
catch
{
Response.Write("Something else happened");
}

}

The following is the web page form that I am dealing with:

<asp:panel id="panelSendEmail" runat="server">
<form id="comments_form" action="comments.aspx" runat="server"
onsubmit="return jcap();" >

<p>If you would like to make a comment about the anything
that you see on our web site
or ask a question, then please feel free to use this
comments form.</p>

<b>Your Name :</b><br/>
<input id="name" type="text" size="30" maxlength="256"
name="Senders_Name"/>
<p></p>

<b>Your E-Mail Address :</b><br/>
<input id="email" type="text" size="30" maxlength="80"
name="_reply"
onblur="return isValidEmail(email, true)"/>

<p></p>
<b>Your Phone Number:</b><br/>
<input id="phone"type="text" size="15" maxlength="15"
name="Phone"/>
<p></p>

<b>Your Comments :</b><br/>
<textarea id="message" name="Senders_Comments" rows="6"
cols="60"></textarea>
<p></p>
<p>Please enter the word that you see in the image </p>
<p><script type="text/javascript">sjcap();</script></p>
<noscript><p>[This resource requires a Javascript enabled
browser.]</p></noscript>
<asp:button runat="server" id="contact_us" Text="Submit"
OnClick="contactUS_Click" />
<input type="reset" value="Reset"/>
</form>
</asp:panel>

<asp:panel id="panelMailSent" runat="server" Visible="False">
Thank you for your comments.
</asp:panel>

Aug 17 '08 #4

P: n/a
http://msdn.microsoft.com/en-us/libr...nt(VS.80).aspx

I was guided by a tech support person at 1and1 in using that constructor,
but the link above is a reference on the Microsoft site that says that is
legal.

I had already tried the constructor with two parameters, a server, and a
port number. I did not try the constructor without any parameters that
should take data directly from the web.config file, if I understand it
correctly.
"Alvin Bruney [ASP.NET MVP]" <vapor dan using hot male spam filterwrote in
message news:54**********************************@microsof t.com...
Get your ISP to turn CAS policy off on the server while you test. If the
problem goes away, you have to create a CAS policy to grant your code the
appropriate permission. If turning off CAS policy doesn't work, roll up
your sleeves because it will be a long night.

caspol -s off

I still don't really understand why you are getting this error. I also
don't recognize your code, smtp client takes two parameters, is this a
custom smtp class you created? In any case, you may be able to use this
code to patch it
http://msdn.microsoft.com/en-us/libr...ermission.aspx
however, it leads me to believe something changed in the framework. Can
you tell me what version of the .net framework you are running? I'm
missing something here.
--

Regards,
Alvin Bruney [MVP ASP.NET]

[Shameless Author plug]
Download OWC Black Book, 2nd Edition
Exclusively on www.lulu.com/owc $15.00
Need a free copy of VSTS 2008 w/ MSDN Premium?
http://msmvps.com/blogs/alvin/Default.aspx
-------------------------------------------------------
"Henry Stock" <he***@henry-stock.comwrote in message
news:Oe**************@TK2MSFTNGP02.phx.gbl...
>This is definitely a web application and this is what I am getting on
their server.

In my test evironment I am getting an SmtpException at the point of
sending the message, but this may be because my local server does not
have appropriate access to the remote mail forwarder. I know that the
user ID and password I am using in my web.config are valid. My ISP told
me to use the server specified in code. The one I use for my normal mail
client is "smtp.1and1.com".

What is a CAS policy? Can I set this up in code or do I have to get my
ISP involved?

"Alvin Bruney [ASP.NET MVP]" <vapor dan using hot male spam filterwrote
in message news:B4**********************************@microsof t.com...
>>The worker process running your application does not have permission to
read the environment variable. I think you know this part. What I don't
understand is what it is happening A couple of questions. Is this a web
app or windows app? You can fix this easy with an appropriate CAS policy
but I'd recommend you figure out what is going wrong first.

--

Regards,
Alvin Bruney [MVP ASP.NET]

[Shameless Author plug]
Download OWC Black Book, 2nd Edition
Exclusively on www.lulu.com/owc $15.00
Need a free copy of VSTS 2008 w/ MSDN Premium?
http://msmvps.com/blogs/alvin/Default.aspx
-------------------------------------------------------
"Henry Stock" <he***@henry-stock.comwrote in message
news:#l**************@TK2MSFTNGP02.phx.gbl...

I am trying to understand the following error:
Any thing you can tell me about this is appreciated.

Security Exception
Description: The application attempted to perform an operation not
allowed by the security policy. To grant this application the required
permission please contact your system administrator or change the
application's trust level in the configuration file.

Exception Details: for the permission of type
'System.Security.Permissions.EnvironmentPermiss ion, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'
failed.

Source Error:
Line 45:
Line 46: //create the smtp client
Line 47: SmtpClient _smtp = new
SmtpClient("mrelay.perfora.net");
Line 48: _smtp.DeliveryMethod = SmtpDeliveryMethod.Network;
Line 49: try

Source File: e:\kunden\homepages\34\d252335749\comments.aspx.cs
Line: 47

Stack Trace:
[SecurityException: Request for the permission of type
'System.Security.Permissions.EnvironmentPermiss ion, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'
failed.]
System.Security.CodeAccessSecurityEngine.Check(Obj ect demand,
StackCrawlMark& stackMark, Boolean isPermSet) +0
System.Security.CodeAccessPermission.Demand() +59
System.Net.CredentialCache.get_DefaultCredentials( ) +59

System.Net.Configuration.SmtpNetworkElementInte rnal..ctor(SmtpNetworkElement
element) +55
System.Net.Configuration.SmtpSectionInternal..ctor (SmtpSection
section) +65
System.Net.Configuration.SmtpSectionInternal.GetSe ction() +173
System.Net.Mail.SmtpClient.get_MailConfiguration() +45
System.Net.Mail.SmtpClient.Initialize() +223
System.Net.Mail.SmtpClient..ctor(String host) +162
comments.contactUS_Click(Object sender, EventArgs e) in
e:\kunden\homepages\34\d252335749\comments.aspx .cs:47
System.Web.UI.WebControls.Button.OnClick(EventArgs e) +105
System.Web.UI.WebControls.Button.RaisePostBackEven t(String
eventArgument) +107

System.Web.UI.WebControls.Button.System.Web.UI. IPostBackEventHandler.RaisePostBackEvent(String
eventArgument) +7
System.Web.UI.Page.RaisePostBackEvent(IPostBackEve ntHandler
sourceControl, String eventArgument) +11
System.Web.UI.Page.RaisePostBackEvent(NameValueCol lection postData)
+33
System.Web.UI.Page.ProcessRequestMain(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
+7350
System.Web.UI.Page.ProcessRequest(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
+213
System.Web.UI.Page.ProcessRequest() +86
System.Web.UI.Page.ProcessRequestWithNoAssert(Http Context context)
+18
System.Web.UI.Page.ProcessRequest(HttpContext context) +49
ASP.comments_aspx.ProcessRequest(HttpContext context) in
App_Web_xytww0yg.0.cs:0

System.Web.CallHandlerExecutionStep.System.Web. HttpApplication.IExecutionStep.Execute()
+358
System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean&
completedSynchronously) +64
When I did a Google search I came up with the following url and
explanation:

http://support.microsoft.com/kb/814741

CAUSE
The System.Security.Permissions.EnvironmentPermission class in
Mscorlib.dll controls the access to the user environment variables.
SystemInformation.UserName in the application requests the permission
from the EnvironmentPermission class to access the UserName environment
variable. However, in the Local Intranet zone, System.Windows.Forms
does not have permissions to access the Windows user name, and the
request is not served by Mscorlib.dll. Therefore, a security exception
is raised when you run the application.

The problem with this is that the code they give you to test with is
linked to Windows Forms;

//display the UserName currently logged
Console.WriteLine(System.Environment.UserName);
Console.ReadLine();

Even if I set this to Response.Write( ... );
System.Environment.UserName is not available in a remote web
environment.

The following is code from my web.config file. I have disguised my
userID and Password.

<system.net>
<mailSettings>
<smtp deliveryMethod="Network">
<!-- The <networknode supports the following properties, but we
won't use all of them
<network host="127.0.0.1" port="25" userName="myUserName"
password="OpenSesame" defaultCredentials="true" />
-->

<network host="mrelay.perfora.net" userName="in**@mydomain.org"
password="mypwd" defaultCredentials="true"/>
</smtp>
</mailSettings>
</system.net>

The following is the click event function that triggers the error code;
it is linked to a submit button on the form:

protected void contactUS_Click(object sender, EventArgs e)
{
//Things to Do:
// Validate form fields:
// Name field should be letters and spaces only. Can't be blank
or only spaces.
// Phone field may have () - spaces and digits
// email address must be properly formatted.
// Eventually I would like to add a check for domain validity
// After edits I need to create the message
//String from_addr = new
String(FindControl("email").ToString());
MailAddress _from = new MailAddress("in**@mydomain.org");
MailAddress _sender = new MailAddress("in**@mydomain.org");
MailAddress _to = new MailAddress("we*******@mydomain.org");
MailMessage msg = new MailMessage(_from,_to);
msg.Sender = _sender;
msg.Subject = "Feedback from Comments Form";
StringBuilder sbuilder = new StringBuilder();
//Build string for message body
sbuilder.AppendLine("Senders IP Address: " +
Request.ServerVariables["remote_addr"].ToString());
sbuilder.AppendLine("Name: " +
comments_form.Controls[0].ToString());
sbuilder.AppendLine("Email: " +
comments_form.Controls[1].ToString());
sbuilder.AppendLine("Phone: " +
comments_form.Controls[2].ToString());
sbuilder.AppendLine("Message: " +
comments_form.Controls[3].ToString());
//assign string value to message body
msg.Body = sbuilder.ToString();

//create the smtp client

SmtpClient _smtp = new SmtpClient("mrelay.perfora.net");
_smtp.DeliveryMethod = SmtpDeliveryMethod.Network;

try
{
_smtp.Send(msg);

}
catch (ArgumentNullException )
{
Response.Write("Argument Null Exception");
}
catch (ArgumentOutOfRangeException )
{
Response.Write("Argument out of Range Exception");
}
catch (SmtpException )
{
Response.Write("SMTP Exception");
}
catch
{
Response.Write("Something else happened");
}

}

The following is the web page form that I am dealing with:

<asp:panel id="panelSendEmail" runat="server">
<form id="comments_form" action="comments.aspx"
runat="server" onsubmit="return jcap();" >

<p>If you would like to make a comment about the
anything that you see on our web site
or ask a question, then please feel free to use this
comments form.</p>

<b>Your Name :</b><br/>
<input id="name" type="text" size="30" maxlength="256"
name="Senders_Name"/>
<p></p>

<b>Your E-Mail Address :</b><br/>
<input id="email" type="text" size="30" maxlength="80"
name="_reply"
onblur="return isValidEmail(email, true)"/>

<p></p>
<b>Your Phone Number:</b><br/>
<input id="phone"type="text" size="15" maxlength="15"
name="Phone"/>
<p></p>

<b>Your Comments :</b><br/>
<textarea id="message" name="Senders_Comments" rows="6"
cols="60"></textarea>
<p></p>
<p>Please enter the word that you see in the image </p>
<p><script type="text/javascript">sjcap();</script></p>
<noscript><p>[This resource requires a Javascript
enabled browser.]</p></noscript>
<asp:button runat="server" id="contact_us" Text="Submit"
OnClick="contactUS_Click" />
<input type="reset" value="Reset"/>
</form>
</asp:panel>

<asp:panel id="panelMailSent" runat="server" Visible="False">
Thank you for your comments.
</asp:panel>


Aug 17 '08 #5

P: n/a
I read the stuff on this
SmtpPermission class but I am still not sure how to put it to use.

I used http://msdn.microsoft.com/en-us/libr...dw(VS.80).aspx

because I have the 2.0 framework. From the sample code I used the following

public static SmtpPermission CreateUnrestrictedPermission()

{

SmtpPermission allAccess = new

SmtpPermission(System.Security.Permissions.Permiss ionState.Unrestricted);

return allAccess;

}

Not sure how to use this...

"Alvin Bruney [ASP.NET MVP]" <vapor dan using hot male spam filterwrote in
message news:54**********************************@microsof t.com...
Get your ISP to turn CAS policy off on the server while you test. If the
problem goes away, you have to create a CAS policy to grant your code the
appropriate permission. If turning off CAS policy doesn't work, roll up
your sleeves because it will be a long night.

caspol -s off

I still don't really understand why you are getting this error. I also
don't recognize your code, smtp client takes two parameters, is this a
custom smtp class you created? In any case, you may be able to use this
code to patch it
http://msdn.microsoft.com/en-us/libr...ermission.aspx
however, it leads me to believe something changed in the framework. Can
you tell me what version of the .net framework you are running? I'm
missing something here.
--

Regards,
Alvin Bruney [MVP ASP.NET]

[Shameless Author plug]
Download OWC Black Book, 2nd Edition
Exclusively on www.lulu.com/owc $15.00
Need a free copy of VSTS 2008 w/ MSDN Premium?
http://msmvps.com/blogs/alvin/Default.aspx
-------------------------------------------------------
"Henry Stock" <he***@henry-stock.comwrote in message
news:Oe**************@TK2MSFTNGP02.phx.gbl...
>This is definitely a web application and this is what I am getting on
their server.

In my test evironment I am getting an SmtpException at the point of
sending the message, but this may be because my local server does not
have appropriate access to the remote mail forwarder. I know that the
user ID and password I am using in my web.config are valid. My ISP told
me to use the server specified in code. The one I use for my normal mail
client is "smtp.1and1.com".

What is a CAS policy? Can I set this up in code or do I have to get my
ISP involved?

"Alvin Bruney [ASP.NET MVP]" <vapor dan using hot male spam filterwrote
in message news:B4**********************************@microsof t.com...
>>The worker process running your application does not have permission to
read the environment variable. I think you know this part. What I don't
understand is what it is happening A couple of questions. Is this a web
app or windows app? You can fix this easy with an appropriate CAS policy
but I'd recommend you figure out what is going wrong first.

--

Regards,
Alvin Bruney [MVP ASP.NET]

[Shameless Author plug]
Download OWC Black Book, 2nd Edition
Exclusively on www.lulu.com/owc $15.00
Need a free copy of VSTS 2008 w/ MSDN Premium?
http://msmvps.com/blogs/alvin/Default.aspx
-------------------------------------------------------
"Henry Stock" <he***@henry-stock.comwrote in message
news:#l**************@TK2MSFTNGP02.phx.gbl...

I am trying to understand the following error:
Any thing you can tell me about this is appreciated.

Security Exception
Description: The application attempted to perform an operation not
allowed by the security policy. To grant this application the required
permission please contact your system administrator or change the
application's trust level in the configuration file.

Exception Details: for the permission of type
'System.Security.Permissions.EnvironmentPermiss ion, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'
failed.

Source Error:
Line 45:
Line 46: //create the smtp client
Line 47: SmtpClient _smtp = new
SmtpClient("mrelay.perfora.net");
Line 48: _smtp.DeliveryMethod = SmtpDeliveryMethod.Network;
Line 49: try

Source File: e:\kunden\homepages\34\d252335749\comments.aspx.cs
Line: 47

Stack Trace:
[SecurityException: Request for the permission of type
'System.Security.Permissions.EnvironmentPermiss ion, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'
failed.]
System.Security.CodeAccessSecurityEngine.Check(Obj ect demand,
StackCrawlMark& stackMark, Boolean isPermSet) +0
System.Security.CodeAccessPermission.Demand() +59
System.Net.CredentialCache.get_DefaultCredentials( ) +59

System.Net.Configuration.SmtpNetworkElementInte rnal..ctor(SmtpNetworkElement
element) +55
System.Net.Configuration.SmtpSectionInternal..ctor (SmtpSection
section) +65
System.Net.Configuration.SmtpSectionInternal.GetSe ction() +173
System.Net.Mail.SmtpClient.get_MailConfiguration() +45
System.Net.Mail.SmtpClient.Initialize() +223
System.Net.Mail.SmtpClient..ctor(String host) +162
comments.contactUS_Click(Object sender, EventArgs e) in
e:\kunden\homepages\34\d252335749\comments.aspx .cs:47
System.Web.UI.WebControls.Button.OnClick(EventArgs e) +105
System.Web.UI.WebControls.Button.RaisePostBackEven t(String
eventArgument) +107

System.Web.UI.WebControls.Button.System.Web.UI. IPostBackEventHandler.RaisePostBackEvent(String
eventArgument) +7
System.Web.UI.Page.RaisePostBackEvent(IPostBackEve ntHandler
sourceControl, String eventArgument) +11
System.Web.UI.Page.RaisePostBackEvent(NameValueCol lection postData)
+33
System.Web.UI.Page.ProcessRequestMain(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
+7350
System.Web.UI.Page.ProcessRequest(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
+213
System.Web.UI.Page.ProcessRequest() +86
System.Web.UI.Page.ProcessRequestWithNoAssert(Http Context context)
+18
System.Web.UI.Page.ProcessRequest(HttpContext context) +49
ASP.comments_aspx.ProcessRequest(HttpContext context) in
App_Web_xytww0yg.0.cs:0

System.Web.CallHandlerExecutionStep.System.Web. HttpApplication.IExecutionStep.Execute()
+358
System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean&
completedSynchronously) +64
When I did a Google search I came up with the following url and
explanation:

http://support.microsoft.com/kb/814741

CAUSE
The System.Security.Permissions.EnvironmentPermission class in
Mscorlib.dll controls the access to the user environment variables.
SystemInformation.UserName in the application requests the permission
from the EnvironmentPermission class to access the UserName environment
variable. However, in the Local Intranet zone, System.Windows.Forms
does not have permissions to access the Windows user name, and the
request is not served by Mscorlib.dll. Therefore, a security exception
is raised when you run the application.

The problem with this is that the code they give you to test with is
linked to Windows Forms;

//display the UserName currently logged
Console.WriteLine(System.Environment.UserName);
Console.ReadLine();

Even if I set this to Response.Write( ... );
System.Environment.UserName is not available in a remote web
environment.

The following is code from my web.config file. I have disguised my
userID and Password.

<system.net>
<mailSettings>
<smtp deliveryMethod="Network">
<!-- The <networknode supports the following properties, but we
won't use all of them
<network host="127.0.0.1" port="25" userName="myUserName"
password="OpenSesame" defaultCredentials="true" />
-->

<network host="mrelay.perfora.net" userName="in**@mydomain.org"
password="mypwd" defaultCredentials="true"/>
</smtp>
</mailSettings>
</system.net>

The following is the click event function that triggers the error code;
it is linked to a submit button on the form:

protected void contactUS_Click(object sender, EventArgs e)
{
//Things to Do:
// Validate form fields:
// Name field should be letters and spaces only. Can't be blank
or only spaces.
// Phone field may have () - spaces and digits
// email address must be properly formatted.
// Eventually I would like to add a check for domain validity
// After edits I need to create the message
//String from_addr = new
String(FindControl("email").ToString());
MailAddress _from = new MailAddress("in**@mydomain.org");
MailAddress _sender = new MailAddress("in**@mydomain.org");
MailAddress _to = new MailAddress("we*******@mydomain.org");
MailMessage msg = new MailMessage(_from,_to);
msg.Sender = _sender;
msg.Subject = "Feedback from Comments Form";
StringBuilder sbuilder = new StringBuilder();
//Build string for message body
sbuilder.AppendLine("Senders IP Address: " +
Request.ServerVariables["remote_addr"].ToString());
sbuilder.AppendLine("Name: " +
comments_form.Controls[0].ToString());
sbuilder.AppendLine("Email: " +
comments_form.Controls[1].ToString());
sbuilder.AppendLine("Phone: " +
comments_form.Controls[2].ToString());
sbuilder.AppendLine("Message: " +
comments_form.Controls[3].ToString());
//assign string value to message body
msg.Body = sbuilder.ToString();

//create the smtp client

SmtpClient _smtp = new SmtpClient("mrelay.perfora.net");
_smtp.DeliveryMethod = SmtpDeliveryMethod.Network;

try
{
_smtp.Send(msg);

}
catch (ArgumentNullException )
{
Response.Write("Argument Null Exception");
}
catch (ArgumentOutOfRangeException )
{
Response.Write("Argument out of Range Exception");
}
catch (SmtpException )
{
Response.Write("SMTP Exception");
}
catch
{
Response.Write("Something else happened");
}

}

The following is the web page form that I am dealing with:

<asp:panel id="panelSendEmail" runat="server">
<form id="comments_form" action="comments.aspx"
runat="server" onsubmit="return jcap();" >

<p>If you would like to make a comment about the
anything that you see on our web site
or ask a question, then please feel free to use this
comments form.</p>

<b>Your Name :</b><br/>
<input id="name" type="text" size="30" maxlength="256"
name="Senders_Name"/>
<p></p>

<b>Your E-Mail Address :</b><br/>
<input id="email" type="text" size="30" maxlength="80"
name="_reply"
onblur="return isValidEmail(email, true)"/>

<p></p>
<b>Your Phone Number:</b><br/>
<input id="phone"type="text" size="15" maxlength="15"
name="Phone"/>
<p></p>

<b>Your Comments :</b><br/>
<textarea id="message" name="Senders_Comments" rows="6"
cols="60"></textarea>
<p></p>
<p>Please enter the word that you see in the image </p>
<p><script type="text/javascript">sjcap();</script></p>
<noscript><p>[This resource requires a Javascript
enabled browser.]</p></noscript>
<asp:button runat="server" id="contact_us" Text="Submit"
OnClick="contactUS_Click" />
<input type="reset" value="Reset"/>
</form>
</asp:panel>

<asp:panel id="panelMailSent" runat="server" Visible="False">
Thank you for your comments.
</asp:panel>


Aug 17 '08 #6

This discussion thread is closed

Replies have been disabled for this discussion.

Browse more ASP.NET Questions on Bytes