Cannot perform CAS Asserts in Security Transparent methods

Cannot perform CAS Asserts in Security Transparent methods

Postby jiri.pleskanka » Mon 07 Mar 2016 12:08

Hello,
we're building asp.net application (postgresql db) with devart providers (PgSqlProfileProvider, PgSqlMembershipProvider and PgSqlRoleProvider). Problem is ONLY in PgSqlProfileProvider. When i try in my code access some properties in ProfileManager then i get this exception "Cannot perform CAS Asserts in Security Transparent methods". After some research we've found this page (https://www.devart.com/dotconnect/postgresql/docs/deployment.html) and followed all instructions and still get this annoying error. Article is about deployment but i get this error locally on my dev computer as well.

web.config:
Code: Select all
<profile defaultProvider="AspNetPgSqlProfileProvider">
      <providers>
        <clear />
        <add name="AspNetPgSqlProfileProvider"
          applicationName="OBAG"
          connectionStringName="PgSqlServices"
          type="Devart.Data.PostgreSql.Web.Providers.PgSqlProfileProvider,
                Devart.Data.PostgreSql.Web, Version=7.4.543.4, Culture=neutral,
                PublicKeyToken=09af7300eec23701" />
      </providers>
      <properties>
        <add name="GRIDSETTINGS_GridSmlouvaEgp" />
      </properties>
    </profile>


Here is stack trace [((((System.Exception)(System.Web.Profile.ProfileManager.Provider))._innerException)._innerException).StackTrace]
Code: Select all
   in Devart.Common.Web.Providers.DbProfileProvider..ctor(String defaultName, String defaultDescription, DbProviderFactory provider)
   in Devart.Data.PostgreSql.Web.Providers.PgSqlProfileProvider..ctor()


Strange thing is that all other providers are fine, only profile provider is raising this exeption. What is working though is moving from 7.4.543.4 version to 7.4.543.0 (which is designed for frmwork 2.0 i suppose?).
We also tried to work with trust level. Set it to medium in web.config and then created new custom web_customtrust.config file. But with no luck.

web_customtrust.config:
Code: Select all
<configuration>
  <mscorlib>
    <security>
      <policy>
        <PolicyLevel version="1">
          <SecurityClasses>
            <SecurityClass Name="AllMembershipCondition" Description="System.Security.Policy.AllMembershipCondition, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
            <SecurityClass Name="AspNetHostingPermission" Description="System.Web.AspNetHostingPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
            <SecurityClass Name="DnsPermission" Description="System.Net.DnsPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
            <SecurityClass Name="EnvironmentPermission" Description="System.Security.Permissions.EnvironmentPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
            <SecurityClass Name="FileIOPermission" Description="System.Security.Permissions.FileIOPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
            <SecurityClass Name="FirstMatchCodeGroup" Description="System.Security.Policy.FirstMatchCodeGroup, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
            <SecurityClass Name="IsolatedStorageFilePermission" Description="System.Security.Permissions.IsolatedStorageFilePermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
            <SecurityClass Name="NamedPermissionSet" Description="System.Security.NamedPermissionSet"/>
            <SecurityClass Name="PrintingPermission" Description="System.Drawing.Printing.PrintingPermission, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
            <SecurityClass Name="SecurityPermission" Description="System.Security.Permissions.SecurityPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
            <SecurityClass Name="SmtpPermission" Description="System.Net.Mail.SmtpPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
            <SecurityClass Name="SqlClientPermission" Description="System.Data.SqlClient.SqlClientPermission, System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
            <SecurityClass Name="StrongNameMembershipCondition" Description="System.Security.Policy.StrongNameMembershipCondition, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
            <SecurityClass Name="TypeDescriptorPermission" Description="System.Security.Permissions.TypeDescriptorPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
            <SecurityClass Name="UIPermission" Description="System.Security.Permissions.UIPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
            <SecurityClass Name="UnionCodeGroup" Description="System.Security.Policy.UnionCodeGroup, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
            <SecurityClass Name="UrlMembershipCondition" Description="System.Security.Policy.UrlMembershipCondition, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
            <SecurityClass Name="WebPermission" Description="System.Net.WebPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
            <SecurityClass Name="ZoneMembershipCondition" Description="System.Security.Policy.ZoneMembershipCondition, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
            <SecurityClass Name="ReflectionPermission" Description="System.Security.Permissions.ReflectionPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
            <SecurityClass Name="SocketPermission" Description="System.Net.SocketPermission, System, Version=4.0.0.0,  Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
            <SecurityClass Name="RegistryPermission" Description="System.Security.Permissions.RegistryPermission, mscorlib, Version=4.0.0.0, Culture=neutral,PublicKeyToken=b77a5c561934e089"/>
          </SecurityClasses>
          <NamedPermissionSets>
            <PermissionSet
                    class="NamedPermissionSet"
                    version="1"
                    Unrestricted="true"
                    Name="FullTrust"
                    Description="Allows full access to all resources"
                        />
            <PermissionSet
                    class="NamedPermissionSet"
                    version="1"
                    Name="Nothing"
                    Description="Denies all resources, including the right to execute"
                        />
            <PermissionSet
                    class="NamedPermissionSet"
                    version="1"
                    Name="ASP.Net">
              <IPermission
                           class="RegistryPermission"
                           version="1"
                           Unrestricted="true"
                     />
              <IPermission
                           class="SocketPermission"
                           version="1"
                           Unrestricted="true"
                     />
              <IPermission
                      class="AspNetHostingPermission"
                      version="1"
                      Level="Medium"
                            />
              <IPermission
                      class="DnsPermission"
                      version="1"
                      Unrestricted="true"
                            />
              <IPermission
                      class="EnvironmentPermission"
                      version="1"
                      Read="TEMP;TMP;USERNAME;OS;COMPUTERNAME"
                            />
              <IPermission
                      class="FileIOPermission"
                      version="1"
                      Read="$AppDir$"
                      Write="$AppDir$"
                      Append="$AppDir$"
                      PathDiscovery="$AppDir$"
                            />
              <IPermission
                      class="IsolatedStorageFilePermission"
                      version="1"
                      Allowed="AssemblyIsolationByUser"
                      UserQuota="9223372036854775807"
                            />
              <IPermission
                      class="PrintingPermission"
                      version="1"
                      Level="DefaultPrinting"
                            />
              <IPermission
                      class="SecurityPermission"
                      version="1"
                      Flags="Assertion, Execution, ControlThread, ControlPrincipal, RemotingConfiguration, SkipVerification, UnmanagedCode, SerializationFormatter"
                            />
              <IPermission
                      class="SmtpPermission"
                      version="1"
                      Access="Connect"
                            />
              <IPermission
                      class="SqlClientPermission"
                      version="1"
                      Unrestricted="true"
                            />
              <IPermission
                      class="TypeDescriptorPermission"
                      version="1"
                      Unrestricted="true"
                            />
              <IPermission
                      class="WebPermission"
                      version="1"
                      Unrestricted="true"
                            />
              <IPermission
                      class="ReflectionPermission"
                      version="1"
                      Flags="RestrictedMemberAccess"/>
            </PermissionSet>
          </NamedPermissionSets>
          <CodeGroup
                  class="FirstMatchCodeGroup"
                  version="1"
                  PermissionSetName="Nothing">
            <IMembershipCondition
                    class="AllMembershipCondition"
                    version="1"
                        />
            <CodeGroup
                    class="UnionCodeGroup"
                    version="1"
                    PermissionSetName="ASP.Net">
              <IMembershipCondition
                      class="UrlMembershipCondition"
                      version="1"
                      Url="$AppDirUrl$/*"
                            />
            </CodeGroup>
            <CodeGroup
                    class="UnionCodeGroup"
                    version="1"
                    PermissionSetName="ASP.Net">
              <IMembershipCondition
                      class="UrlMembershipCondition"
                      version="1"
                      Url="$CodeGen$/*"
                            />
            </CodeGroup>
          </CodeGroup>
        </PolicyLevel>
      </policy>
    </security>
  </mscorlib>
</configuration>


Do you have any advice how to deal with this? We dont want to downgrade libraries but solve this problem.

Thanks
Jirka
jiri.pleskanka
 
Posts: 2
Joined: Mon 07 Mar 2016 10:26

Re: Cannot perform CAS Asserts in Security Transparent methods

Postby Pinturiccio » Wed 09 Mar 2016 15:09

jiri.pleskanka wrote:When i try in my code access some properties in ProfileManager then i get this exception "Cannot perform CAS Asserts in Security Transparent methods".

This error occurs because you try to use PgSqlProfileProvider with the Devart.Data.PostgreSql.Web.dll assembly of version 7.4.543.4. This provider can be used only with the Devart.Data.PostgreSql.Web.dll assembly of version 7.4.543.0.

dotConnect for PostgreSQL has three Devart.Data.PostgreSql.Web.dll assemblies that differ in version numbers:
1. 7.4.543.0 is intended for use with ASP.NET 2.0. This assembly implements such classes as PgSqlProfileProvider, PgSqlMembershipProvider and PgSqlRoleProvider. For more information, please refer to https://www.devart.com/dotconnect/postgresql/docs/?AspProviders.html
If you want to work with PgSqlProfileProvider, PgSqlMembershipProvider and PgSqlRoleProvider, you need to use exactly this Devart.Data.PostgreSql.Web.dll assembly.

2. 7.4.543.4 - is intended for use with ASP.NET MVC 4 applications. This assembly implements such classes as PgSqlExtendedMembershipProvider and PgSqlExtendedRoleProvider. For more information, please refer to https://www.devart.com/dotconnect/postgresql/docs/?ExtendedMembership-Tutorial.html

3. 7.4.543.5 - is intended for use with ASP.NET MVC 5 application.

jiri.pleskanka wrote:We also tried to work with trust level. Set it to medium in web.config and then created new custom web_customtrust.config file.

This issue is not related to the trust level. However, if you deploy your application on a computer with trust level medium, additional actions, which you have performed correctly, are required. Your web_customtrust.config is edited correctly.
Pinturiccio
Devart Team
 
Posts: 1983
Joined: Wed 02 Nov 2011 09:44

Re: Cannot perform CAS Asserts in Security Transparent methods

Postby jiri.pleskanka » Thu 10 Mar 2016 07:26

Ok now i got it. Thank you very much
Jirka
jiri.pleskanka
 
Posts: 2
Joined: Mon 07 Mar 2016 10:26


Return to dotConnect for PostgreSQL