For my current project I use Dapper. Everything perfect. Then I needed to deploy it on shared hosting. The result can be seen here (copied YSOD):
Description: The application attempted to perform an operation not
allowed by the security policy. To grant this application the
required permission please contact your system administrator or change
the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Request for the
permission of type 'System.Security.Permissions.ReflectionPermission,
mscorlib, Version=4.0.0.0, Culture=neutral,
PublicKeyToken=b77a5c561934e089' failed.
Stack trace
[SecurityException: Request for the permission of type
'System.Security.Permissions.ReflectionPermission, mscorlib,
Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'
failed.] System.Security.CodeAccessSecurityEngine.Check(Object
demand, StackCrawlMark& stackMark, Boolean isPermSet) +0
System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission
cap, StackCrawlMark& stackMark) +31
System.Security.CodeAccessPermission.Demand() +46
System.Reflection.Emit.DynamicMethod.PerformSecurityCheck(Type owner,
StackCrawlMark& stackMark, Boolean skipVisibility) +9461551
System.Reflection.Emit.DynamicMethod..ctor(String name, Type
returnType, Type[] parameterTypes, Type owner, Boolean skipVisibility)
+40 Dapperx.SqlMapper.CreateParamInfoGenerator(Identity identity) +537 Dapperx.SqlMapper.GetCacheInfo(Identity identity) +376 Dapperx.d__131.MoveNext() +644
System.Collections.Generic.List1..ctor(IEnumerable1 collection) +327
System.Linq.Enumerable.ToList(IEnumerable1 source) +58
Dapperx.SqlMapper.Query(IDbConnection cnn, String sql, Object param,
IDbTransaction transaction, Boolean buffered, Nullable1
commandTimeout, Nullable1 commandType) +199
...
Is there any way how to solve it for (in .NET 4.0)?
As far as I understand what I've read so far, the provider has to allow some parts from reflection for the IIS which might be a security risk for them...
Reflection.Emit which is used by Dapper is not allowed in Medium Trust.
You should find a hosting provider that offers Full Trust. discountasp.net is one I have used before.
Related
I'm facing following problem. I've got Service Stack-based webservice which I want have on shared hosting. When deploying there and trying to open an url I'm getting following error:
Security Exception
Description: The application attempted to perform an operation not
allowed by the security policy. To grant this application the
required permission please contact your system administrator or change
the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Request for the
permission of type 'System.Security.Permissions.ReflectionPermission,
mscorlib, Version=4.0.0.0, Culture=neutral,
PublicKeyToken=b77a5c561934e089' failed.
Source Error:
An unhandled exception was generated during the execution of the
current web request. Information regarding the origin and location of
the exception can be identified using the exception stack trace below.
Stack Trace:
[SecurityException: Request for the permission of type
'System.Security.Permissions.ReflectionPermission, mscorlib,
Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'
failed.] System.Security.CodeAccessSecurityEngine.Check(Object
demand, StackCrawlMark& stackMark, Boolean isPermSet) +0
System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission
cap, StackCrawlMark& stackMark) +34
System.Security.CodeAccessPermission.Demand() +46
System.Reflection.Emit.DynamicMethod.PerformSecurityCheck(Module m,
StackCrawlMark& stackMark, Boolean skipVisibility) +243
System.Reflection.Emit.DynamicMethod..ctor(String name, Type
returnType, Type[] parameterTypes, Module m, Boolean skipVisibility)
+48 ServiceStack.Text.ReflectionExtensions.GetConstructorMethodToCache(Type
type) +586
ServiceStack.Text.ReflectionExtensions.GetConstructorMethod(Type type)
+68 ServiceStack.Text.ReflectionExtensions.CreateInstance(Type type) +8
ServiceStack.ServiceHost.ServiceController.RegisterNServiceExecutor(Type
requestType, Type serviceType, ITypeFactory serviceFactoryFn) +123
ServiceStack.ServiceHost.ServiceController.RegisterNService(ITypeFactory
serviceFactoryFn, Type serviceType) +287
ServiceStack.ServiceHost.ServiceController.Register(ITypeFactory
serviceFactoryFn) +96
ServiceStack.ServiceHost.ServiceManager.Init() +50
ServiceStack.WebHost.Endpoints.AppHostBase.Init() +43
DarkMindFx.Global.Application_Start(Object sender, EventArgs e) +571
So it seems like ServiceStack cannot perform the reflaction.
I've also tried to
<securityPolicy>
<trustLevel name="Full" policyFile="internal"/>
</securityPolicy>
to web.config but as the result hosting returns me an error with this line in web.config.
Does anyone ever faced such issue? Any ideas how to solve it?
The SecurityException is because GoDaddy doesn't support full trust ASP.NET hosting. You can try requesting their support to enable it for your site, otherwise you would need to use a different hosting provider.
I was moving iis to another server and I get a generic service unavailable 503 error. When looking at this error in the log:
IISMANAGER_ERROR_LOADING_PROVIDER_TYPE
IIS Manager could not load type 'Microsoft.Web.Management.PlatformInstaller.Server.PlatformInstallerModuleProvider, Microsoft.Web.Management.PlatformInstaller.Server, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35' for module provider 'PlatformInstaller' that is declared in %windir%\system32\inetsrv\config\administration.config. Verify that the type is correct, and that the assembly that contains the module provider is in the Global Assembly Cache (GAC).
Exception:System.IO.FileNotFoundException: Could not load file or assembly 'Microsoft.Web.Management.PlatformInstaller.Server, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified.
File name: 'Microsoft.Web.Management.PlatformInstaller.Server, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at System.RuntimeTypeHandle._GetTypeByName(String name, Boolean throwOnError, Boolean ignoreCase, Boolean reflectionOnly, StackCrawlMark& stackMark, Boolean loadTypeFromPartialName)
at System.RuntimeTypeHandle.GetTypeByName(String name, Boolean throwOnError, Boolean ignoreCase, Boolean reflectionOnly, StackCrawlMark& stackMark)
at System.RuntimeType.PrivateGetType(String typeName, Boolean throwOnError, Boolean ignoreCase, Boolean reflectionOnly, StackCrawlMark& stackMark)
at System.Type.GetType(String typeName, Boolean throwOnError)
at Microsoft.Web.Management.Server.AdministrationModuleProvider.GetModuleProvider(String userName, String connectionName)
WRN: Assembly binding logging is turned OFF.
To enable assembly bind failure logging, set the registry value [HKLM\Software\Microsoft\Fusion!EnableLog] (DWORD) to 1.
Note: There is some performance penalty associated with assembly bind failure logging.
To turn this feature off, remove the registry value [HKLM\Software\Microsoft\Fusion!EnableLog].
Process:InetMgr
Connection:VPS2837\VPS2837Admin
Any suggestions? I have tried finding a replacing the C:\Windows\System32\inetsrv\config\administration.config file with 5.0.0.0 instead of 4.0.0.0 for the version of Microsoft web management. Still no luck. Thanks in advice
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[SecurityException: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.]
System.Reflection.Assembly._GetType(String name, Boolean throwOnError, Boolean ignoreCase) +0
System.Reflection.Assembly.GetType(String name, Boolean throwOnError, Boolean ignoreCase) +42
System.Web.UI.Util.GetTypeFromAssemblies(ICollection assemblies, String typeName, Boolean ignoreCase) +145
System.Web.UI.TemplateParser.GetType(String typeName, Boolean ignoreCase, Boolean throwOnError) +73
System.Web.UI.TemplateParser.ProcessInheritsAttribute(String baseTypeName, String codeFileBaseTypeName, String src, Assembly assembly) +111
System.Web.UI.TemplateParser.PostProcessMainDirectiveAttributes(IDictionary parseData) +279
Version Information: Microsoft .NET Framework Version:2.0.50727.3053; ASP.NET Version:2.0.50727.3053
You should change the application trust level in your web.config
Add something like this to your system.web section:
<system.web>
<securityPolicy>
<trustLevel name="Full" policyFile="internal"/>
</securityPolicy>
</system.web>
If it works, decrease your trustLevel to High, then to Medium, then to Low to see which trust level is sufficient for your application.
Actually I found the Issue, the project was created in an network not on my local. Thanks for your time to have look into this
I am having problems getting Microsoft Charting:
System.Web.DataVisualization.dll
To work in the Medium Trust on Windows Server 2008 on IIS 7
Using .Net 3.5
In an environment at Rackspace on their Cloud Sites.
I get this error message from the Rackspace hosting environment:
Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: That assembly does not allow partially trusted callers.
I have setup a site in our local staging environment to test the medium trust, and I get this message:
Required permissions cannot be acquired.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Security.Policy.PolicyException: Required permissions cannot be acquired.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[PolicyException: Required permissions cannot be acquired.]
System.Security.SecurityManager.ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, PermissionSet& denied, Boolean checkExecutionPermission) +10239406
System.Security.SecurityManager.ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, PermissionSet& denied, Int32& securitySpecialFlags, Boolean checkExecutionPermission) +97
[FileLoadException: Could not load file or assembly 'System.Web.DataVisualization, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. Failed to grant minimum permission requests. (Exception from HRESULT: 0x80131417)]
System.Reflection.Assembly._nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, Assembly locationHint, StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean forIntrospection) +0
System.Reflection.Assembly.InternalLoad(AssemblyName assemblyRef, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection) +416
System.Reflection.Assembly.InternalLoad(String assemblyString, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection) +166
System.Reflection.Assembly.Load(String assemblyString) +35
System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective) +190
[ConfigurationErrorsException: Could not load file or assembly 'System.Web.DataVisualization, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. Failed to grant minimum permission requests. (Exception from HRESULT: 0x80131417)]
System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective) +11204104
System.Web.Configuration.CompilationSection.LoadAllAssembliesFromAppDomainBinDirectory() +388
System.Web.Configuration.CompilationSection.LoadAssembly(AssemblyInfo ai) +232
System.Web.Configuration.AssemblyInfo.get_AssemblyInternal() +48
System.Web.Compilation.BuildManager.GetReferencedAssemblies(CompilationSection compConfig) +210
System.Web.Compilation.BuildProvidersCompiler..ctor(VirtualPath configPath, Boolean supportLocalization, String outputAssemblyName) +76
System.Web.Compilation.ApplicationBuildProvider.GetGlobalAsaxBuildResult(Boolean isPrecompiledApp) +283
System.Web.Compilation.BuildManager.CompileGlobalAsax() +50
System.Web.Compilation.BuildManager.EnsureTopLevelFilesCompiled() +676
[HttpException (0x80004005): Could not load file or assembly 'System.Web.DataVisualization, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. Failed to grant minimum permission requests. (Exception from HRESULT: 0x80131417)]
System.Web.Compilation.BuildManager.ReportTopLevelCompilationException() +76
System.Web.Compilation.BuildManager.EnsureTopLevelFilesCompiled() +1012
System.Web.Hosting.HostingEnvironment.Initialize(ApplicationManager appManager, IApplicationHost appHost, IConfigMapPathFactory configMapPathFactory, HostingEnvironmentParameters hostingParameters) +1025
[HttpException (0x80004005): Could not load file or assembly 'System.Web.DataVisualization, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. Failed to grant minimum permission requests. (Exception from HRESULT: 0x80131417)]
System.Web.HttpRuntime.FirstRequestInit(HttpContext context) +11297830
System.Web.HttpRuntime.EnsureFirstRequestInit(HttpContext context) +88
System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) +4336948
Version Information: Microsoft .NET Framework Version:2.0.50727.4200; ASP.NET Version:2.0.50727.4016
Rackspace will not install the MSChart.exe package on the Rackspace Cloud Sites servers.
MS Charting for .Net 3.5 must be installed using the MSI.
To get it to work in medium trust where you cannot install it, try using .Net 4.0 where it is part of the .Net Framework.
Whe I try to run my site locally I get this error:
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
Stacktrace:
[SecurityException: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.]
System.Reflection.Assembly._GetType(String name, Boolean throwOnError, Boolean ignoreCase) +0
System.Web.UI.Util.GetTypeFromAssemblies(ICollection assemblies, String typeName, Boolean ignoreCase) +201
System.Web.Compilation.BuildManager.GetType(String typeName, Boolean throwOnError, Boolean ignoreCase) +302
System.Web.Configuration.ConfigUtil.GetType(String typeName, String propertyName, ConfigurationElement configElement, XmlNode node, Boolean checkAptcaBit, Boolean ignoreCase) +64
I'm not running across a UNC share or accessing any shared network resources. It's a .NET 3.5 site running on IIS7 on a windows 7 box.
I don't think I made any changes before this started happening, and since it has I've rebuilt the solution & restarted the computer.
Try the following. It has to do with Application Pool setting, "Load User Profile=True".