Security Exception

Security Exception

Postby garybetz » Thu 24 May 2007 18:14

I am getting an error when trying to execute a MySqlScript.Open() from my application. My application runs on one server and the database is on another server. The error I get is as follows:

Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Source Error:


Line 134: myScript = New MySqlScript(drop_sqlstr, myConn)
Line 135: Try
Line 136: myConn.Open()
Line 137: myScript.Execute()
Line 138: myConn.Close()


Source File: d:\Customers\user1275616\www\utils\upload_excel.aspx.vb Line: 136

Stack Trace:


[SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.]
System.Runtime.Serialization.Formatters.Binary.ObjectReader.CheckSecurity(ParseRecord pr) +1644100
System.Runtime.Serialization.Formatters.Binary.ObjectReader.ParseArray(ParseRecord pr) +847
System.Runtime.Serialization.Formatters.Binary.ObjectReader.ParseObject(ParseRecord pr) +76
System.Runtime.Serialization.Formatters.Binary.ObjectReader.Parse(ParseRecord pr) +64
System.Runtime.Serialization.Formatters.Binary.__BinaryParser.ReadArray(BinaryHeaderEnum binaryHeaderEnum) +1127
System.Runtime.Serialization.Formatters.Binary.__BinaryParser.Run() +186
System.Runtime.Serialization.Formatters.Binary.ObjectReader.Deserialize(HeaderHandler handler, __BinaryParser serParser, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage) +183
System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Deserialize(Stream serializationStream, HeaderHandler handler, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage) +190
System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Deserialize(Stream serializationStream) +12
CoreLab.Common.r.a(Stream A_0, String A_1, String A_2, String& A_3) +137
CoreLab.Common.r.a(LicenseContext A_0, Type A_1, String& A_2, Assembly& A_3) +1423
CoreLab.Common.r.a(LicenseContext A_0, Type A_1, String& A_2, Boolean& A_3, String& A_4) +45
CoreLab.Common.r.a(LicenseContext A_0, Type A_1, Boolean A_2) +146
CoreLab.Common.r.a(LicenseContext A_0, Type A_1, Object A_2, Boolean A_3) +1353
CoreLab.MySql.MySqlConnection.Open() +113
LongRunningTask.upload.initDBTable() in d:\Customers\user1275616\www\utils\upload_excel.aspx.vb:136
LongRunningTask.upload.Button1_Click(Object sender, EventArgs e) in d:\Customers\user1275616\www\utils\upload_excel.aspx.vb:74
System.EventHandler.Invoke(Object sender, EventArgs e) +0
System.Web.UI.WebControls.Button.OnClick(EventArgs e) +105
System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +107
System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) +7
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +11
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +33
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +6953
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +154
System.Web.UI.Page.ProcessRequest() +86
System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) +18
System.Web.UI.Page.ProcessRequest(HttpContext context) +49
ASP.upload_excel_aspx.ProcessRequest(HttpContext context) +29
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +154
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +64

--------------------------------------------------------------------------------
Version Information: Microsoft .NET Framework Version:2.0.50727.42; ASP.NET Version:2.0.50727.210


I'm trying to collect some information to send to my ISP in order to resolve this issue. Is this a licensing issue or some security issue on the application server? Does anybody have expereince with this type of issue and have some information that I can send to my ISP so they (or I) can fix the problem? For reference, this application runs fine on my development server and accesses the remote MySQL server as expected. SO, this appears to be some issue with deploying the application on my ISP's server.

Thanks,
Gary Betz
garybetz
 
Posts: 3
Joined: Thu 24 May 2007 17:56

Postby Alexey » Fri 25 May 2007 06:46

The following permissions are required for MySQLDirect .NET to work properly in a hosting environment:
In Direct mode - medium trust plus SocketPermission.
In client mode - just medium trust permissions. However, if there are no MySQLDirect .NET assemblies in GAC, the UnmanagedCode flag should be added to SecurityPermission section.
Alexey
 
Posts: 2756
Joined: Mon 13 Mar 2006 07:43

Postby garybetz » Fri 25 May 2007 14:43

Could you explain what direct and client modes are? I'm new to ASP.NET and I have an ISP that seems to be the same ;)

I have the MySQLDirect dlls in a bin directory directly beneath my application root, i.e.

wwwroot/utils/upload -- this is where the application is
wwwroot/utils/upload/Bin -- this is where the dlls are located

Do I need to set up anything else? Like what is the GAC?

Thanks,
Gary
garybetz
 
Posts: 3
Joined: Thu 24 May 2007 17:56

Postby Alexey » Tue 29 May 2007 06:38

Client mode means that you are using libmysql.dll library to communicate with MySQL Server. If you don't set Direct attribute in your connection string, this means that you are in the direct mode by default (communication with MySQL Server is performed by means of CoreLab.MySql.dll).
In this case you only need SocketPermission in addition to the medium trust level.
If you manage to provide me with your ISP web.config file, I'll try to find out which permission is a bottle neck. (Use e-mail address from the Readme file.)
Alexey
 
Posts: 2756
Joined: Mon 13 Mar 2006 07:43


Return to dotConnect for MySQL