Hi everybody,
If I sign an app using a strong name and then set the enterprise security
policy to allow FullTrust to any app signed by the
given publisher, the application cannot access Web Services failing with the
exception below.
What I really want to do is access a Web Service from a .NET 1.1 signed
WinForms application running on a desktop where the enterprise security
policy is set to give FullTrust to signed applications (and Microsoft and
ECMA Strong Named apps) and Nothing to unsigned code.
I don't want to relax my Enterprise Security Policy to allow unsigned code
to run , because that seems to me as a security hole!
Enterprise Policy as follows:
All_Code - Nothing - LevelFinal
My_Computer_Zone - Nothing - LevelFinal
My_StrongName - FullTrust - LevelFinal
Microsoft_Strong_Name - FullTrust - LevelFinal
ECMA_Strong_Name - FullTrust - LevelFinal
It seems to relate to the execution of code which is runtime compiled inside
of the SoapHttpClientProtokol constructor which calls during runtime the
codedom to generate an assembly to load it in the memory.
Unfortunetly it seems to me that this in-memory generated assembly that is
being used to access the Web Service is an unsigned assembly that therefore
cannot be given any rights under a "run-signed-code-only" security policy.
Does anybody has the same problem and knows a workaround?
Thanks in advance for your answers
Best regards
Hartmut
Copy of the Exceptiontext:
Informationen über das Aufrufen von JIT-Debuggen
finden Sie am Ende dieser Meldung, anstatt in diesem Dialogfeld.
************** Ausnametext **************
System.Security.Policy.PolicyException: Ausnahme von HRESULT: 0x80131418.
at System.Reflection.Assembly.nLoadImage(Byte[] rawAssembly, Byte[]
rawSymbolStore, Evidence evidence, StackCrawlMark& stackMark)
at System.Reflection.Assembly.Load(Byte[] rawAssembly, Byte[]
rawSymbolStore, Evidence securityEvidence)
at System.CodeDom.Compiler.CodeCompiler.FromFileBatch (CompilerParameters
options, String[] fileNames)
at
System.CodeDom.Compiler.CodeCompiler.FromSourceBat ch(CompilerParameters
options, String[] sources)
at System.CodeDom.Compiler.CodeCompiler.FromSource(Co mpilerParameters
options, String source)
at
System.CodeDom.Compiler.CodeCompiler.System.CodeDo m.Compiler.ICodeCompiler.C
ompileAssemblyFromSource(CompilerParameters options, String source)
at System.Xml.Serialization.Compiler.Compile()
at System.Xml.Serialization.TempAssembly..ctor(XmlMap ping[] xmlMappings)
at System.Xml.Serialization.XmlSerializer.FromMapping s(XmlMapping[]
mappings)
at System.Web.Services.Protocols.SoapClientType..ctor (Type type)
at System.Web.Services.Protocols.SoapHttpClientProtoc ol..ctor()
at WindowsApplication1.localhost.Service1..ctor() in
E:\WOM\PlugInTest\WindowsApplication1\Web
References\localhost\Reference.cs:line 30
at WindowsApplication1.Form1.button_CallWebService_Cl ick(Object sender,
EventArgs e) in e:\wom\plugintest\windowsapplication1\form1.cs:lin e 233
at System.Windows.Forms.Control.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnMouseUp(MouseEventAr gs mevent)
at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons
button, Int32 clicks)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ButtonBase.WndProc(Message& m)
at System.Windows.Forms.Button.WndProc(Message& m)
at System.Windows.Forms.ControlNativeWindow.OnMessage (Message& m)
at System.Windows.Forms.ControlNativeWindow.WndProc(M essage& m)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg,
IntPtr wparam, IntPtr lparam)
************** Geladene Assemblys **************
mscorlib
Assembly-Version: 1.0.5000.0
Win32-Version: 1.1.4322.573
CodeBase:
file:///c:/winnt/microsoft.net/framework/v1.1.4322/mscorlib.dll
----------------------------------------
mscorlib.resources
Assembly-Version: 1.0.5000.0
Win32-Version: 1.1.4322.573
CodeBase:
file:///c:/winnt/assembly/gac/mscorlib.resources/1.0.5000.0_de_b77a5c561934e
089/mscorlib.resources.dll
----------------------------------------
WindowsApplication1
Assembly-Version: 1.0.1686.39398
Win32-Version: 1.0.1686.39398
CodeBase:
file:///E:/WOM/PlugInTest/WindowsApplication1/bin/Debug/WindowsApplication1.
exe
----------------------------------------
System.Windows.Forms
Assembly-Version: 1.0.5000.0
Win32-Version: 1.1.4322.573
CodeBase:
file:///c:/winnt/assembly/gac/system.windows.forms/1.0.5000.0__b77a5c561934e
089/system.windows.forms.dll
----------------------------------------
System
Assembly-Version: 1.0.5000.0
Win32-Version: 1.1.4322.573
CodeBase:
file:///c:/winnt/assembly/gac/system/1.0.5000.0__b77a5c561934e089/system.dll
----------------------------------------
System.Drawing
Assembly-Version: 1.0.5000.0
Win32-Version: 1.1.4322.573
CodeBase:
file:///c:/winnt/assembly/gac/system.drawing/1.0.5000.0__b03f5f7f11d50a3a/sy
stem.drawing.dll
----------------------------------------
System.Xml
Assembly-Version: 1.0.5000.0
Win32-Version: 1.1.4322.573
CodeBase:
file:///c:/winnt/assembly/gac/system.xml/1.0.5000.0__b77a5c561934e089/system
..xml.dll
----------------------------------------
System.Web.Services
Assembly-Version: 1.0.5000.0
Win32-Version: 1.1.4322.573
CodeBase:
file:///c:/winnt/assembly/gac/system.web.services/1.0.5000.0__b03f5f7f11d50a
3a/system.web.services.dll
----------------------------------------
System.Web
Assembly-Version: 1.0.5000.0
Win32-Version: 1.1.4322.573
CodeBase:
file:///c:/winnt/assembly/gac/system.web/1.0.5000.0__b03f5f7f11d50a3a/system
..web.dll
----------------------------------------
System.Windows.Forms.resources
Assembly-Version: 1.0.5000.0
Win32-Version: 1.1.4322.573
CodeBase:
file:///c:/winnt/assembly/gac/system.windows.forms.resources/1.0.5000.0_de_b
77a5c561934e089/system.windows.forms.resources.dll
----------------------------------------
************** JIT-Debuggen **************
Um das JIT-Debuggen (Just-In-Time) zu aktivieren, muss in der
Konfigurationsdatei der Anwendung oder des Computers
(machine.config) der jitDebugging-Wert im Abschnitt system.windows.forms
festgelegt werden.
Die Anwendung muss mit aktiviertem Debuggen kompiliert werden.
Zum Beispiel:
<configuration>
<system.windows.forms jitDebugging="true" />
</configuration>
Wenn das JIT-Debuggen aktiviert ist, werden alle nicht behandelten
Ausnahmen an den JIT-Debugger gesendet, der auf dem
Computer registriert ist, und nicht von diesem Dialogfeld behandelt.