473,396 Members | 1,972 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > .net framework > questions > securityproblem in webserviceproxy

Join Bytes to post your question to a community of 473,396 software developers and data experts.

Securityproblem in WebServiceProxy

Hi everybody,

If I sign an app using a strong name and then set the enterprise security
policy to allow FullTrust to any app signed by the
given publisher, the application cannot access Web Services failing with the
exception below.

What I really want to do is access a Web Service from a .NET 1.1 signed
WinForms application running on a desktop where the enterprise security
policy is set to give FullTrust to signed applications (and Microsoft and
ECMA Strong Named apps) and Nothing to unsigned code.

I don't want to relax my Enterprise Security Policy to allow unsigned code
to run , because that seems to me as a security hole!

Enterprise Policy as follows:

All_Code - Nothing - LevelFinal
My_Computer_Zone - Nothing - LevelFinal
My_StrongName - FullTrust - LevelFinal
Microsoft_Strong_Name - FullTrust - LevelFinal
ECMA_Strong_Name - FullTrust - LevelFinal

It seems to relate to the execution of code which is runtime compiled inside
of the SoapHttpClientProtokol constructor which calls during runtime the
codedom to generate an assembly to load it in the memory.

Unfortunetly it seems to me that this in-memory generated assembly that is
being used to access the Web Service is an unsigned assembly that therefore
cannot be given any rights under a "run-signed-code-only" security policy.

Does anybody has the same problem and knows a workaround?

Thanks in advance for your answers

Best regards
Hartmut

Copy of the Exceptiontext:
Informationen über das Aufrufen von JIT-Debuggen
finden Sie am Ende dieser Meldung, anstatt in diesem Dialogfeld.

************** Ausnametext **************
System.Security.Policy.PolicyException: Ausnahme von HRESULT: 0x80131418.
at System.Reflection.Assembly.nLoadImage(Byte[] rawAssembly, Byte[]
rawSymbolStore, Evidence evidence, StackCrawlMark& stackMark)
at System.Reflection.Assembly.Load(Byte[] rawAssembly, Byte[]
rawSymbolStore, Evidence securityEvidence)
at System.CodeDom.Compiler.CodeCompiler.FromFileBatch (CompilerParameters
options, String[] fileNames)
at
System.CodeDom.Compiler.CodeCompiler.FromSourceBat ch(CompilerParameters
options, String[] sources)
at System.CodeDom.Compiler.CodeCompiler.FromSource(Co mpilerParameters
options, String source)
at
System.CodeDom.Compiler.CodeCompiler.System.CodeDo m.Compiler.ICodeCompiler.C
ompileAssemblyFromSource(CompilerParameters options, String source)
at System.Xml.Serialization.Compiler.Compile()
at System.Xml.Serialization.TempAssembly..ctor(XmlMap ping[] xmlMappings)
at System.Xml.Serialization.XmlSerializer.FromMapping s(XmlMapping[]
mappings)
at System.Web.Services.Protocols.SoapClientType..ctor (Type type)
at System.Web.Services.Protocols.SoapHttpClientProtoc ol..ctor()
at WindowsApplication1.localhost.Service1..ctor() in
E:\WOM\PlugInTest\WindowsApplication1\Web
References\localhost\Reference.cs:line 30
at WindowsApplication1.Form1.button_CallWebService_Cl ick(Object sender,
EventArgs e) in e:\wom\plugintest\windowsapplication1\form1.cs:lin e 233
at System.Windows.Forms.Control.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnMouseUp(MouseEventAr gs mevent)
at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons
button, Int32 clicks)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ButtonBase.WndProc(Message& m)
at System.Windows.Forms.Button.WndProc(Message& m)
at System.Windows.Forms.ControlNativeWindow.OnMessage (Message& m)
at System.Windows.Forms.ControlNativeWindow.WndProc(M essage& m)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg,
IntPtr wparam, IntPtr lparam)
************** Geladene Assemblys **************
mscorlib
Assembly-Version: 1.0.5000.0
Win32-Version: 1.1.4322.573
CodeBase:
file:///c:/winnt/microsoft.net/framework/v1.1.4322/mscorlib.dll
----------------------------------------
mscorlib.resources
Assembly-Version: 1.0.5000.0
Win32-Version: 1.1.4322.573
CodeBase:
file:///c:/winnt/assembly/gac/mscorlib.resources/1.0.5000.0_de_b77a5c561934e
089/mscorlib.resources.dll
----------------------------------------
WindowsApplication1
Assembly-Version: 1.0.1686.39398
Win32-Version: 1.0.1686.39398
CodeBase:
file:///E:/WOM/PlugInTest/WindowsApplication1/bin/Debug/WindowsApplication1.
exe
----------------------------------------
System.Windows.Forms
Assembly-Version: 1.0.5000.0
Win32-Version: 1.1.4322.573
CodeBase:
file:///c:/winnt/assembly/gac/system.windows.forms/1.0.5000.0__b77a5c561934e
089/system.windows.forms.dll
----------------------------------------
System
Assembly-Version: 1.0.5000.0
Win32-Version: 1.1.4322.573
CodeBase:
file:///c:/winnt/assembly/gac/system/1.0.5000.0__b77a5c561934e089/system.dll
----------------------------------------
System.Drawing
Assembly-Version: 1.0.5000.0
Win32-Version: 1.1.4322.573
CodeBase:
file:///c:/winnt/assembly/gac/system.drawing/1.0.5000.0__b03f5f7f11d50a3a/sy
stem.drawing.dll
----------------------------------------
System.Xml
Assembly-Version: 1.0.5000.0
Win32-Version: 1.1.4322.573
CodeBase:
file:///c:/winnt/assembly/gac/system.xml/1.0.5000.0__b77a5c561934e089/system
..xml.dll
----------------------------------------
System.Web.Services
Assembly-Version: 1.0.5000.0
Win32-Version: 1.1.4322.573
CodeBase:
file:///c:/winnt/assembly/gac/system.web.services/1.0.5000.0__b03f5f7f11d50a
3a/system.web.services.dll
----------------------------------------
System.Web
Assembly-Version: 1.0.5000.0
Win32-Version: 1.1.4322.573
CodeBase:
file:///c:/winnt/assembly/gac/system.web/1.0.5000.0__b03f5f7f11d50a3a/system
..web.dll
----------------------------------------
System.Windows.Forms.resources
Assembly-Version: 1.0.5000.0
Win32-Version: 1.1.4322.573
CodeBase:
file:///c:/winnt/assembly/gac/system.windows.forms.resources/1.0.5000.0_de_b
77a5c561934e089/system.windows.forms.resources.dll
----------------------------------------

************** JIT-Debuggen **************
Um das JIT-Debuggen (Just-In-Time) zu aktivieren, muss in der
Konfigurationsdatei der Anwendung oder des Computers
(machine.config) der jitDebugging-Wert im Abschnitt system.windows.forms
festgelegt werden.
Die Anwendung muss mit aktiviertem Debuggen kompiliert werden.

Zum Beispiel:

<configuration>
<system.windows.forms jitDebugging="true" />
</configuration>

Wenn das JIT-Debuggen aktiviert ist, werden alle nicht behandelten
Ausnahmen an den JIT-Debugger gesendet, der auf dem
Computer registriert ist, und nicht von diesem Dialogfeld behandelt.
Nov 21 '05 #1
0 1975
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
Program handles Gui event while staying in WebServiceProxy.Invoke() when debugging
by: Roeland | last post by:
Hello, When calling the Invoke() method of a web service proxy class, this normally is a synchroneous call, that stays untill the results are received. Gui events are not handled in the mean...
.NET Framework
5
WebService Proxy Classes (using wsdl.exe) ! Need expert help ! MS PEOPLE ?
by: Benne Smith | last post by:
Hi, I have three enviroments; a development, a testing and a production enviroment. I'm making a big application (.exe), which uses alot of different webservices. I don't use the webservices...
C# / C Sharp
1
Sending an Enum as a parameter to a web service.
by: Charlieee | last post by:
Has anyone tried sending an Enum as a parameter to a web service? We can only get it to work if we take the Enum and cast it to an int then parse it back within the web method. The docs show...
C# / C Sharp
1
<identity> Issues w/Web Service
by: nobody101 | last post by:
I have a web service configured with Anonymous access disabled. The calling client, prior to executing a method on the service, sets its network credentials for the IIS to authenticate: ...
ASP.NET
2
The underlying connection was closed: The remote name could not be resolved
by: niklesh | last post by:
Dear all, when i am trying to giving web reference to webservices i am getting above said error.. i tried to find out what is the main problem then i got from microsoft support that i have to...
.NET Framework
0
Access Problem connecting to Web Service from Windows Service
by: Steve DeLong | last post by:
I have a C# Web Service (anonymous access has been disabled) that I would like to connect to with a standard Windows Service, also in C# as part of a scheduled synchronization system. I have...
.NET Framework
1
Connecting to wrong web service
by: Yogesh | last post by:
Hi, Need some help. I have two copies of the same web services project deployed in the IIS. The web services are being used by two different applications. Suppose the web services are WS-1 and...
.NET Framework
1
File Upload Form text - is it posible to set READONLY by javascript
by: Grzegorz ¦lusarek | last post by:
Hi All. One of the fields used in my form is to upload file, Is is to posible to made this field readonly and after filling radio field set this to use by javascript. I don't wanna give a User...
Javascript
2
how to debug microsoft errors coming from javascript?
by: joelkeepup | last post by:
Hi, I made a change this morning and now im getting an error that says either "a is undefined or null" or "e is undefined or null" the microsoft ajax line is below, I have no idea how to...
ASP.NET
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!