Security Exception - Deploying Windows .NET Application

[None]

I am getting security exception when I try to access any network
folder or database or when I am trying to create a file on the network
share using my .NET Windows application. I know I can make it to work
from my machine making the code FULLTRUST.

What I need to know is how I would be able to make the application
work across the network from all machines without using the .NET
configuration utility or making it as a package may be using a batch
script?

Any help is greatly appreciated.

Thanks

 

[Norman Yuan]

I am getting security exception when I try to access any network
folder or database or when I am trying to create a file on the network
share using my .NET Windows application. I know I can make it to work
from my machine making the code FULLTRUST.

What exactly the situation that cause security exception is?

Is it that you place your app's exe file on network share? Or is it
accessing database? or Is it creating file? They are all different things
and only run app from a network share needs to configure .NET to give proper
trust. Database accessing and file accessing has nothing to do with giving
..NET code certain trust.

If you issue is caused by database/data file accessing, you need to look
into something else that .NET code security.

What I need to know is how I would be able to make the application
work across the network from all machines without using the .NET
configuration utility or making it as a package may be using a batch
script?

If you make a set up package, then you install your app in the running
computer, you do not need configure .NET security. If you do not load some
..NET code from a network share, you need run CASPOL.exe command line tool or
use .NET configuration applet (only available for .NET 1.x, though). Of
cause you can integrate the CASPOL.exe command into a script or *.bat file
and run it remotely with appropriate tool.

 

[None]

Thanks for your reply.

Yes I am running the application from network share.

I am getting exception in 2 cases/applications

1. Application resides in the network share and I am accessing from
local machine, security exception occurs when the application tries to
connection to the access database.

2. Application resides in the network share and I am accessing from
local machine, security exception occurs when the application tries to
create a file in the netowrk share.

It would be great if you can send me a batch sample script to avoid
those.

Thanks

 

[Norman Yuan]

Thanks for your reply.

Yes I am running the application from network share.

I am getting exception in 2 cases/applications

1. Application resides in the network share and I am accessing from
local machine, security exception occurs when the application tries to
connection to the access database.

As you already know, you need to configure .NET security to allow .NET code
from outside the computer to run. Search the web for CASPOL.exe. there are
lot of links on this topic. Giving entire local intranet full trust in order
to load .NET app from network share is a bit too much. I usually create
code group, which pointing to a network folder. I then make that folder
read-only for all users, and only network admin/myself have write
permission. So, all .NET code can only get into this folder by admin/myself,
so I can give full trust to the folder.

I use this CASPOL.exe command to create the code group, which create a code
security group and pointing it to a network folder:

C:\Windows\Microsoft.net\framework\v2.0.50727\caspol -machine -addgroup
All_Code -url file://serverName/ShaerName/* FullTrust -name
MyNetAppCodeGroup -description "My NET Application Code Group"

Watch out line wrap. You can simply save this line as a text file with *.bat
extention, then run it on the computers.

2. Application resides in the network share and I am accessing from
local machine, security exception occurs when the application tries to
create a file in the netowrk share.

Whether your application can create/modify a file on a network folder or
(anywhere), depends on your network setup, i.e. if the login user, who is
running the application, has appropriate permission to do certain thing to
the file (read/write/delete...). You need to talk to the network/computer
administrator on this.