Hi folks,
I have the following situation:
- MyApplication.e xe is an WinForms-application that is signed with
"AppKey.snk ".
- MyControls.dll contains a MyComponent-class that I want to drop on a form
on the application. This assembly is signed with "ControlsKey.sn k"
I don't want anyone else using the control from MyControl.dll except
MyApplication.e xe, or any other application that would be signed with
"AppKey.snk ".
Browsing through the newsgroups via Google, I got the understanding
StrongNameIdent ityPermission with LinkDemand-action would be the way to go,
as that would require the immediate caller of MyComponent-class (which
should be MyApplication) to be signed with a specfic key-pair. So I have
done the declarative security on MyComponent-class like this:
<StrongNameIden tityPermission( SecurityAction. LinkDemand, _
PublicKey:="002 400000480000094 000000060200000 024000052534131 000400" & _
"0001000100bfb4 cb9b5d7c4d678b8 35fafd56d6bdba7 4774d3c5f6" & _
"38f2261885275f abefd93be9f7c5a 5f4c7e180231318 5263eff0f5" & _
"23f4f6e54e4fd3 8375ab64257fe48 4609d237a650874 6faa9f929a" & _
"03eac98c629795 5e8649bf3a660c2 f1a2117001699d4 2ca00b572a" & _
"d69a005de41412 73bbc93fbe670e1 01be349076074fa cc5fb6")> _
Public Class MyComponent
Inherits System.Componen tModel.Componen t
.....etc...
The Hex-string contains the public key from AppKey.snk.
Here is the problem: When I run my MyApplication I always get an exception
on the "InitializeComp onent"-call on my application, i.e. in the designer
generated constructor:
Public Sub New()
MyBase.New()
Try
'This call is required by the Windows Form Designer.
InitializeCompo nent() <-- Debugger stops here, if "break on
exception" is on.
'Add any initialization after the InitializeCompo nent() call
Catch ex As Exception
Windows.Forms.M essageBox.Show( ex.Message, "Exception" )
End Try
End Sub
The exception message is:
"Request for the permission of type
System.Security .Permissions.St rongNameIdentit yPermission, mscorlib,
Version=1.0.500 0.0, Culture=neutral , PublicKeyToken= b77a5c561934e08 9
failed."
And stacktrace is:
" at MyApplication.M ainForm.Initial izeComponent()
at Myapplication.M ainForm..ctor() in
C:\Work\MyAppli cation\Source\M ainForm.vb:line 23"
Now why does that happen? I would understand if I would use Demand-action on
the permission but why can't I get the LinkDemand to work? Should I do some
declarative stuff on MyApplication as well?
Regards,
- Petri 0 1196 This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: David McNab |
last post by:
Hi,
I'm writing a web app framework which stores pickles in client cookies.
The obvious security risk is that some 5cr1p7 X1ddi35 will inevitably try
tampering with the cookie and malforming it in an attempt to get the
server-side python code to run arbitrary code, or something similarly
undesirable.
To protect against this, I've subclassed pickle.Unpickler, and added
|
by: Grant |
last post by:
Ok I have XP Pro and recently upgraded to SP2 but after doing so one of my
favorite webpages to check daily does not respond the same as before.
It used to be (pre SP2) that I could when visiting this page
http://facs.scripps.edu/surf/buoylist.html When I ran my mouse over the
green CDIP buoys that it would not only show the current data in the upper
part of the summary, but if I clicked on the Dana Point green bar for
instance it would...
|
by: James |
last post by:
What's the best way of securing online databases and web services? At present I am using a database password, which of course is not hard-coded into the web service, but this means re-submitting it with every function call from my windows client. Any alternatives?
|
by: fred |
last post by:
hi,
does anybody know why this code does not raise a
SecurityException?
using System;
using System.Security.Permissions;
using System.Security;
namespace MyNameSpace
|
by: Wm. Scott Miller |
last post by:
Hello all!
We are building applications here and have hashing algorithms to secure
secrets (e.g passwords) by producing one way hashes. Now, I've read alot
and I've followed most of the advice that made sense. One comment I've seen
alot about is "securing the hashing routine" but no-one explains how to
accomplish this. So how do I secure my hashing routine? Do I use code
access security, role based security, ACLs, etc or combination?...
| |
by: Shiro |
last post by:
Hi
I have read the various postings relating to Interop strong name
signing and cannot find an example similar to mine.
I have stringly named my AxInterops/Interops and they all work just
fine, but problems occur when I need to reference a thirdparty's
component.
In my case I am talking about Interop.ShDocVw and AxInterop.ShDocVw. If
|
by: Nick Gilbert |
last post by:
Hi,
As part of a website (ASP.NET) we're creating, we need the ability to
store documents with pretty much 'mission critical' security. ie, if the
server is completely compromised (eg a trojan/virus is installed or
someone physically steals the server) they will still not be able to
gain access to the content of the files. I can securely transfer the
files to and from the server, but I am unsure of how best to store them
securely.
|
by: Petri J. Riipinen |
last post by:
Hi folks,
I have the following situation:
- MyApplication.exe is an WinForms-application that is signed with
"AppKey.snk".
- MyControls.dll contains a MyComponent-class that I want to drop on a form
on the application. This assembly is signed with "ControlsKey.snk"
I don't want anyone else using the control from MyControl.dll except
|
by: Mark Goosen |
last post by:
Hi ive installed wse 2.0 SP3 and was running throught the demo downlaoded on
the Securing the Username Token with WSE 2.0 page the Securing the Username
Token with WSE 2.0.
Im spose to change the access type for "SYSTEM and "ASPNET" to "READ" for
the certificate in the certificate tool by clicking on the "view private key
file properties.." button however i only have a general and summary tab. NO
security tab. Is there a alternative way...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |