467,925 Members | 1,912 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 467,925 developers. It's quick & easy.

Does strong naming require deployment in GAC?

I still haven't gotten through the .NET Framework Security tome on my
desk. Maybe the folks here can answer a burning question.

I want to use strong naming at our organization as a security measure:
we could then indicate that any assemblies we signed are fully trusted,
and so deploy centrally rather than having to deploy on each server.

However, we still want to deploy by copying each app to a separate
deployment directory, rather than using the GAC. Can we do that? Or
does strong naming mean that we have to deploy to the GAC?

Dec 27 '05 #1
  • viewed: 1476
Share:
7 Replies
Yes. Assemblies MUST be strong named

Dec 27 '05 #2
KJ
no

Dec 27 '05 #3
Installing an assembly to the GAC requires that it be strong named.
However, every strong named assembly need not be installed to the GAC.
Hope that clears your doubt.

Regards,
Sarin.

Bruce Wood wrote:
I still haven't gotten through the .NET Framework Security tome on my
desk. Maybe the folks here can answer a burning question.

I want to use strong naming at our organization as a security measure:
we could then indicate that any assemblies we signed are fully trusted,
and so deploy centrally rather than having to deploy on each server.

However, we still want to deploy by copying each app to a separate
deployment directory, rather than using the GAC. Can we do that? Or
does strong naming mean that we have to deploy to the GAC?


Dec 27 '05 #4
Yes, that's what I wanted to know, thanks.

Dec 27 '05 #5
I know that in order to put an assembly into the GAC, it must be
strongly named.

What I was asking was whether a strongly named assembly must be put
into the GAC, or whether it can be put in a directory and loaded from
there.

Sarin answered my question.

Dec 27 '05 #6
Ok. I misread your question.

Dec 27 '05 #7

"Bruce Wood" <br*******@canada.com> wrote in message
news:11**********************@g49g2000cwa.googlegr oups.com...
I still haven't gotten through the .NET Framework Security tome on my
desk. Maybe the folks here can answer a burning question.

I want to use strong naming at our organization as a security measure:
we could then indicate that any assemblies we signed are fully trusted,
and so deploy centrally rather than having to deploy on each server.

However, we still want to deploy by copying each app to a separate
deployment directory, rather than using the GAC. Can we do that? Or
does strong naming mean that we have to deploy to the GAC?


We've seen very odd behavior from strong-named assemblies in virtual
directories, run from ASP.NET, that are not in the GAC. This is in .NET
1.1, on Windows XP. Some sort of non-thread-safe initialization seems to go
on, which leads to weird, unreprodcible failures (things like
NullReferenceExceptions in parts of the code that logically can't have null
references.) When we build the assemblies the same way but don't
strong-name them, the problems go away. It's very weird.

We've worked around it by building two sets of assemblies, strong-named ones
to be installed in the GAC for production builds, and non-strong-named ones
to be copied directly into virtual directories for developer builds.
Dec 28 '05 #8

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

8 posts views Thread by Ted | last post: by
reply views Thread by Vijay Sarathi Reddy.G | last post: by
1 post views Thread by Jimski | last post: by
6 posts views Thread by Manuel Lopez | last post: by
4 posts views Thread by Stefan | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.