Hi Steven
Feel free to send me your test project and I'll set the trust up to see what
happens! C# is fine, I actually prefer it! Only working in VB as the
developers on this project only speak VB!
This code fails on at least 3 machines, 2 of which are the same base build
but the 3rd one is in the states and so is a completely different build.
What I find strange is that when trusting the UNC share they both work but
by trusting the public key only one works, but I know that the assembly is
trusted as if I remove the strong name trust then they both fail. It looks
like the permissions are ignored on the call to
ConfigurationManager.GetSection which doesn't make sense to me.
Here's the code (with line numbers) and the stack trace which shows that
lines 15 and 16 execute fine, but line 18 throws an exception:
15 Dim myConfiguation As Configuration =
ConfigurationManager.OpenExeConfiguration(Configur ationUserLevel.None)
16 Dim config As MailManagerConfiguration =
CType(myConfiguation.GetSection("MailManagerConfig uration"),
MailManagerConfiguration)
18 Dim configSection As Object =
ConfigurationManager.GetSection("MailManagerConfig uration")
H:\ConfigurationTests\ConfigurationExample>Configu rationExample.exe
Unhandled Exception: System.Configuration.ConfigurationErrorsException: An
error occurred creating the configuration section handler for
MailManagerConfiguration: That assembly does not allow partially trusted
callers.
(H:\ConfigurationTests\ConfigurationExample\Config urationExample.exe.config
line 27) ---System.Security.SecurityException: That assembly does not allow
partially trusted callers.
at
System.Security.CodeAccessSecurityEngine.ThrowSecu rityException(Assembly asm,
PermissionSet granted, PermissionSet refused, RuntimeMethodHandle rmh,
SecurityAction action, Object demand, IPermission permThatFailed)
at System.Reflection.MethodBase.PerformSecurityCheck( Object obj,
RuntimeMethodHandle method, IntPtr parent, UInt32 invocationFlags)
at System.Reflection.RuntimeConstructorInfo.Invoke(Bi ndingFlags
invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
at System.Reflection.ConstructorInfo.Invoke(Object[] parameters)
at
System.Configuration.TypeUtil.InvokeCtorWithReflec tionPermission(ConstructorInfo ctor)
at
System.Configuration.RuntimeConfigurationRecord.Ru ntimeConfigurationFactory.CreateSectionImpl(Runtim eConfigurationRecord
configRecord, FactoryRecord factoryRecord, SectionRecord sectionRecord,
Object parentConfig, ConfigXmlReader reader)
at
System.Configuration.RuntimeConfigurationRecord.Ru ntimeConfigurationFactory.CreateSectionWithRestric tedPermissions(RuntimeConfigurationRecord
configRecord, FactoryRecord factoryRecord, SectionRecord sectionRecord,
Object parentConfig, ConfigXmlReader reader)
at System.Configuration.RuntimeConfigurationRecord.Cr eateSection(Boolean
inputIsTrusted, FactoryRecord factoryRecord, SectionRecord sectionRecord,
Object parentConfig, ConfigXmlReader reader)
at System.Configuration.BaseConfigurationRecord.CallC reateSection(Boolean
inputIsTrusted, FactoryRecord factoryRecord, SectionRecord sectionRecord,
Object parentConfig, ConfigXmlReader reader, String filename, Int32 line)
The action that failed was:
LinkDemand
The assembly or AppDomain that failed was:
System.Configuration, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a
The Zone of the assembly that failed was:
MyComputer
The Url of the assembly that failed was:
file:///C:/WINDOWS/assembly/GAC_MSIL/System.Configuration/2.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll
--- End of inner exception stack trace ---
at System.Configuration.BaseConfigurationRecord.Evalu ateOne(String[]
keys, SectionInput input, Boolean isTrusted, FactoryRecord factoryRecord,
SectionRecordsectionRecord, Object parentResult)
at System.Configuration.BaseConfigurationRecord.Evalu ate(FactoryRecord
factoryRecord, SectionRecord sectionRecord, Object parentResult, Boolean
getLkg, Boolean getRuntimeObject, Object& result, Object& resultRuntimeObject)
at
System.Configuration.BaseConfigurationRecord.GetSe ctionRecursive(String
configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject,
Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
at
System.Configuration.BaseConfigurationRecord.GetSe ctionRecursive(String
configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject,
Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
at
System.Configuration.BaseConfigurationRecord.GetSe ctionRecursive(String
configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject,
Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
at System.Configuration.BaseConfigurationRecord.GetSe ction(String
configKey,Boolean getLkg, Boolean checkPermission)
at System.Configuration.BaseConfigurationRecord.GetSe ction(String
configKey)
at
System.Configuration.ClientConfigurationSystem.Sys tem.Configuration.Internal.IInternalConfigSystem.G etSection(String sectionName)
at System.Configuration.ConfigurationManager.GetSecti on(String sectionName)
at ConfigurationExample.Program.Main() in
J:\Development\Doug\VS2005\Projects\TestApps\Confi gurationExample\ConfigurationExample\Program.vb:li ne 18
H:\ConfigurationTests\ConfigurationExample>
"Steven Cheng[MSFT]" wrote:
Thanks for your reply Doug,
I've tried both of the two coding approach in my local project, however, it
seem in both cases the application can work well as long as I add the code
group(that grant the UNC share path or the strong-name "Fulltrust"
permission). Therefore, I'm wondering the problem maybe specific to
particular machine environment. the only difference is that my test project
is built through C#. If you want, I can send my test c# project to you for
testing.
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
This posting is provided "AS IS" with no warranties, and confers no rights.