471,354 Members | 2,068 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 471,354 software developers and data experts.

Windows Usercontrols in Web Forms - Permissions, Security.....

We are trying to create a system where our users will navigate to a web
page, and this web page will reference a Windows User Control which is
then downloaded and run on the users machine.

The User Control is referenced on the web page in the following way

<OBJECT id="RegistryReaderCtrl"
classid="http://localhost/CustomerRegistration/UserCtrlRegistry.dll#UserCtrlRegistry.RegistryRead er"
Now this works IF we do the following on the clients machine;

1) Fully trust the assembly using the .NET Configuration Tool

2) Include our site in the Trusted Sites Group and give this group full

(this is because the user control directly access the filesystem on the
clients machine, to read data from it).
However we don't want to have to do this on every client machine.
One approach we considered was the following;

1) Install (using an msi installer) an assembly in the GAC on the
client machine. This assembly would handle all the restricted actions
(such as file IO etc). This assembly has the attribute:

<Assembly: AllowPartiallyTrustedCallers()>

Set so that it can be called from locations which aren't fully trusted.

2) Our Usercontrol now, rather than trying to directly access the
Filesystem on the clients machine, creates an instance of the Type we
added to the GAC.

3) The new type is then used to read from the Filesystem (as it is
trusted because it is in the GAC).

However this second approach doesn't work. We can create an instance of
the type stored in the GAC, but attmpting to call the method within it
throws the same exception as before (request for permission
System.Security.Permissions.FileIOPermission denied).

I can't see why the second approach doesn't work though, any pointers
much appreciated. Code is in VB.net.

Jul 21 '05 #1
0 1033

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

14 posts views Thread by RL Stevenson | last post: by
2 posts views Thread by Budhi Saputra Prasetya | last post: by
reply views Thread by Budhi Saputra Prasetya | last post: by
reply views Thread by XIAOLAOHU | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.