I've run into an issue when attempting to use strong names. I've followed darwen'sexample and have it working in a console app, but it fails in a windows app with:
An unhandled exception of type 'System.Security.SecurityException' occurred in StrongNameTestForm.exe
Additional information: Request for the permission of type System.Security.Permissions.StrongNameIdentityPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.
(additional details at the bottom of this message) or if not run in the ide:
The application attempted to perform an operation not allowed by the security policy. The operation required the SecurityException. To grant this application the required permission please contact your system administrator, or use the Microsoft .NET security policy administration tool.
If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will be shut down immediately.
Request for the permission of type System.Security.Permissions.StrongNameIdentityPermission, mscorlig, Version-1.0.50000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.
If I change the application from a windows app to a console app the call works in main() [before Application.Run(new Form1());], but not in the button click event of the form.
I've run the .NET Configuration tool (mscorcfg.msc) and tried adding an application and adding a code group (enterprise, machine, and user; new code group with a condition of Strong Name with the public key [the dll, the console app, and the windows app all show the same public key] without specifying the name or version and with the permission set of full trust) all to no avail. I have also tried this on multiple machines.
Please note that this is failing on my box, not on a remote machine.
Any thoughts?
I have attached an 18k zip of the solution that demonstrates this problem.
Additional details:
************** Exception Text **************
System.Security.SecurityException: Request for the permission of type System.Security.Permissions.StrongNameIdentityPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.
at System.Security.CodeAccessSecurityEngine.CheckTokenBasedSetHelper(Boolean ignoreGrants, TokenBasedSet grants, TokenBasedSet denied, TokenBasedSet demands)
at System.Security.CodeAccessSecurityEngine.CheckSetHelper(PermissionSet grants, PermissionSet denied, PermissionSet demands)
at StrongNameAssembly.StrongNameTestAssembly.StaticEcho(String text) in C:\dl\dotNET\code samples\Securing\StrongNameTest\StrongNameAssembly\StrongNameTestAssembly.cs:line 31
at StrongNameTestForm.Form1.btnStaticTest_Click(Object sender, EventArgs e) in c:\dl\dotnet\code samples\securing\strongnametest\strongnametestform\form1.cs:line 108
at System.Windows.Forms.Control.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)
at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ButtonBase.WndProc(Message& m)
at System.Windows.Forms.Button.WndProc(Message& m)
at System.Windows.Forms.ControlNativeWindow.OnMessage(Message& m)
at System.Windows.Forms.ControlNativeWindow.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
The state of the failed permission was:
<IPermission class="System.Security.Permissions.StrongNameIdentityPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
PublicKeyBlob="002400000480000094000000060200000024000052534131000400000100 01009515D3907C35834756D430D20B8C4672668C3CAC0EFF041317166F8CC53FDA01CE72D7C 728A942762957F6A7A2264656EBCE5C04078AAFD3E6F7FFFB6ADC799AB011CED46D9B6129F1 1E6517144138B57C85865CBC56E4F2BFFF6651F3FF702F0E039F16CEE9F31B976B51A582977 478B3DD0A52CAC873814646F01FABC8E2BE"/>
The assembly in question uses SecurityAction.Demand, which means that all callers either direct or indirect will have to have the right permission/identity.
It is a good defense (although expensive computation power wise).
If you want your test app to work right away, just use linkdemand as:
Thanks for the quick reply. I thought I had tried LinkDemand, but obviously didn't in the final form of the app. It does indeed allow the test app form to execute correctly.
Which begs the question of why Demand doesn't work for a form but does on a console app. Obviously, there is something in the stack that doesn't have access, but what is it?
The StackTrace for the console app shows:
StackTrace.GetFrame(0).GetMethod().Name: Main
StackTrace.GetFrame(0).GetMethod().ReflectedType.AssemblyQualifiedName: StrongNameTestConsoleApp.Class1
raghuvamshi
I too am having this issue. My usercontrol works fine when envoked from a windows application, but when I embed it into a webpage I get the system.security error!
I get this error on the following line:
dim obj as new domino.notessession
I'm not sure what I need to do? You mention the following line:
StrongNameIdentityPermission(SecurityAction.LinkDemand, PublicKey = PublicKey.Key)]
where do I put this? I'm not too familiar with assemblies! Not sure if the above refers to the assemblies or not.
[StrongNameIdentityPermission(SecurityAction.LinkDemand, PublicKey = PublicKey.Key)] is an attribute on the mthod call in C#. I believe that it's the same in VB, and should prefix the method call. The PublicKey.Key is a constant in another file.
Download the source attached to my first post for a C# example.
* The Best Reasons to Target Windows 8
Learn some of the best reasons why you should seriously consider bringing your Android mobile development expertise to bear on the Windows 8 platform.
StrongNameIdentityPermission issue
Reply With Quote
