«
»

Get out of the GAC!

I work in an environment that is very fast paced. As a result, I am not always afforded the time to do things correctly, or the way I wish, the first time.

I have a number of assemblies that contain code shared across many Web Parts. In the past, I always placed these shared assemblies in the GAC simply because it was the "easy way out". I had some extra time and thought it would be a good idea to finally get those assemblies out of the GAC and moved into a more secure area; welcome to the BIN directory! I have a fairly good understanding of Code Access Security (CAS); building permission sets and code groups allowing code to run in the proper security context. But for the life of me, I still had problems. No matter what I did, I would receive an error indicating "Execution permission cannot be acquired".

I scratched my head, reviewed my code; to see who was naughty and who was nice. Still nothing, I couldn't find anything wong with my permission set and/or permission elements in my config file. So I dropped Maurice Prather an e-mail and he quickly pointed me in the right direction. Knocking my head on my desk; does AllowPartiallyTrustedCallers ring a bell Bob?

The shared assemblies were running in the GAC which gives FullTrust to them. That's actually the problem with running code in the GAC; anyone, trusted or not, can call your code. Pulling the assemblies out of the GAC and placing them in the BIN directory changed the manner in which they were being called. So here is what needs to be done.

  • Open the AssembleInfo.cs file for your shared assembly.
  • Make sure you have included the 'using System.Security' reference.
  • Anywhere in that file add the [assembly:AllowPartiallyTrustedCallers] assembly attribute. For more information on this assembly attribute, see MSDN : AllowPartiallyTrustedCallersAttribute Class.
  • Recompile, deploy the assemblie(s) and reset IIS.

That's all there is to it. Too simple, but it took time out of my day so I thought I would share it with you! Thank you Maurice for all the help!

This entry was posted on Tuesday, December 6th, 2005 at 2:41 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply


«
»

Get out of the GAC!

I work in an environment that is very fast paced. As a result, I am not always afforded the time to do things correctly, or the way I wish, the first time.

I have a number of assemblies that contain code shared across many Web Parts. In the past, I always placed these shared assemblies in the GAC simply because it was the "easy way out". I had some extra time and thought it would be a good idea to finally get those assemblies out of the GAC and moved into a more secure area; welcome to the BIN directory! I have a fairly good understanding of Code Access Security (CAS); building permission sets and code groups allowing code to run in the proper security context. But for the life of me, I still had problems. No matter what I did, I would receive an error indicating "Execution permission cannot be acquired".

I scratched my head, reviewed my code; to see who was naughty and who was nice. Still nothing, I couldn't find anything wong with my permission set and/or permission elements in my config file. So I dropped Maurice Prather an e-mail and he quickly pointed me in the right direction. Knocking my head on my desk; does AllowPartiallyTrustedCallers ring a bell Bob?

The shared assemblies were running in the GAC which gives FullTrust to them. That's actually the problem with running code in the GAC; anyone, trusted or not, can call your code. Pulling the assemblies out of the GAC and placing them in the BIN directory changed the manner in which they were being called. So here is what needs to be done.

  • Open the AssembleInfo.cs file for your shared assembly.
  • Make sure you have included the 'using System.Security' reference.
  • Anywhere in that file add the [assembly:AllowPartiallyTrustedCallers] assembly attribute. For more information on this assembly attribute, see MSDN : AllowPartiallyTrustedCallersAttribute Class.
  • Recompile, deploy the assemblie(s) and reset IIS.

That's all there is to it. Too simple, but it took time out of my day so I thought I would share it with you! Thank you Maurice for all the help!

This entry was posted on Tuesday, December 6th, 2005 at 2:41 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply