I have a C# application that I want to run as a "smart client", by executing
the exe through IE pointing to an intranet server. I need to increase
permissions to the application because it accesses a local SQL server, and
the Intranet zone by default doesn't have rights to do this
(SqlClientPermission).
So, I assigned FullTrust to the URL that points to my app through the .NET
configuration tool. Everything was working fine until I needed to have my
app access an unmanaged COM object. That object needs to run in an STA
thread, and the IExec process that starts my app is MTA. So, no problem - I
started an STA thread and have all my code run inside that.
Now I have a strange security problem. The application will run fine if I
run it directly by double-clicking on the exe in "My Computer", but when I
try to run it through the IE shortcut, I get a permission exception -
SqlClientPermission.
Code running in the STA thread is doesn't longer have the rights I assigned
in the .NET config tool. I verified this by requesting SQLClientPermission
in the calling thread, and then in the created thread. The calling thread
can get the permission fine. The created thread can't. I then tried having
the created thread impersonate the WindowsIdentity of the calling thread,
but it doesn't have rights to do that, either.
Anyone have any ideas?
- Dave
|
Similar Threads
