This is a migrated thread and some comments may be shown as answers.

System.Security.Permission Exception when run of IIS

5 Answers 483 Views
Getting Started
This is a migrated thread and some comments may be shown as answers.
This question is locked. New answers and comments are not allowed.
sitefinitysteve
Top achievements
Rank 2
Iron
Veteran
sitefinitysteve asked on 12 Apr 2010, 08:34 PM
I've got a web project (local) that refuses to run on IIS using OA...works fine with the Visual Studio embedded webserver, but try and load off IIS gives me this

Server Error in '/' Application.

Security Exception

Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Source Error:

Line 142:            } 
Line 143:            return scope; 
Line 144:        }  
Line 145:	}

Source File: c:\temp\RTOModelWeb\App_Code\ObjectScopeProvider1.cs    Line: 144

Stack Trace:

[SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.]
   ObjectScopeProvider1.GetPerRequestScope(HttpContext context) in c:\temp\RTOModelWeb\App_Code\ObjectScopeProvider1.cs:144
   RTOHelper.get_Scope() in c:\temp\RTOModelWeb\App_Code\RTOHelper.cs:13
   WorkFlowDesigner.Page_UnLoad(Object sender, EventArgs e) in c:\temp\RTOModelWeb\WorkFlowDesigner.aspx.cs:43
   System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
   System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +42
   System.Web.UI.Control.OnUnload(EventArgs e) +11026878
   System.Web.UI.Control.UnloadRecursive(Boolean dispose) +11026942
   System.Web.UI.Page.UnloadRecursive(Boolean dispose) +24
   System.Web.UI.Page.ProcessRequestCleanup() +55
   System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +11041050
   System.Web.UI.Page.ProcessRequest() +91
   System.Web.UI.Page.ProcessRequest(HttpContext context) +240
   ASP.workflowdesigner_aspx.ProcessRequest(HttpContext context) in c:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\root\8e1af0b4\4e2d54fd\App_Web_pwzop6xs.0.cs:0
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +599
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +171

5 Answers, 1 is accepted

Sort by
0
Zoran
Telerik team
answered on 15 Apr 2010, 08:27 AM
Hi Steve,

 Is your application running in medium trust? Maybe you could give us some more details about the security settings of your application as well as you IIS configuration. The best would be if you could send us your application so we can test it locally. 

Greetings,
Zoran
the Telerik team

Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items.
0
Michał
Top achievements
Rank 2
answered on 08 Aug 2010, 06:22 PM
Hi,

Exception was throw because function GetPerRequestScope(HttpContext context) in ObjectScopeProvider1 try to access Thread.CurrentContext:
System.MethodAccessException: Attempt by security transparent method 'ISSoft.Data.ObjectScopeProvider.GetPerRequestScope(System.Web.HttpContext)' to access security critical method 'System.Threading.Thread.get_CurrentContext()' failed.

Class ObjectScopeProvider1 is generated when you use Reverse Mapping instead of Domain Model.
0
Zoran
Telerik team
answered on 10 Aug 2010, 09:11 AM
Hi Michał,

 You are right, thread context is a resource that can not be accessed under medium trust. This means that the implementation of the GetPerRequestScope method should be a bit modified for applications running 
under medium trust .

Greetings,
Zoran
the Telerik team
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
0
Christian
Top achievements
Rank 1
answered on 18 Dec 2011, 01:22 AM
I'm using the latest version of OpenAccess ORM and am leveraging a technique that uses a GetContextPerRequest method to isolate a single data context for the life of an entire request. I am also running in a Medium trust environment.

I am also getting the dreaded
"access security critical method 'System.Threading.Thread.get_CurrentContext()' failed"
error message.

I need help in resolving this...

Thanks
0
Zoran
Telerik team
answered on 21 Dec 2011, 09:24 AM
Hello Christian,

 Since the HttpContext is unique for each request, it is safe for you to change the following line in the GetContextPerRequest  method:

string key = context.GetHashCode().ToString("x") + System.Threading.Thread.CurrentContext.ContextID.ToString();

with:
string key = context.GetHashCode().ToString("x");

That way you will not need to access the Thread.CurrentContext which throws the security exception.

Even more, you could use some simple string value as a key for the context. For example:
string key = "Context";

You just have to be sure that there is no other part of your application that tries to store different value under the same key that you use for storing your context.

Greetings,
Zoran
the Telerik team

Q3’11 of Telerik OpenAccess ORM is available for download. Register for the What's New in Data Tools webinar to see what's new and get a chance to WIN A FREE LICENSE!

Tags
Getting Started
Asked by
sitefinitysteve
Top achievements
Rank 2
Iron
Veteran
Answers by
Zoran
Telerik team
Michał
Top achievements
Rank 2
Christian
Top achievements
Rank 1
Share this question
or