Problem running app from network share

[Chris Dunaway]

I have created an application that is to be run from a network share.

From the machine that we intended to run the app, I used caspol to

grant FullTrust to the application. After doing so, the application
started fine.

I had to make a change and re-compiled the app. Now, it won't start
up. Instead, I get the Windows Error about sending the error to
Microsoft. I thought perhaps that somehow the changes I made were
causing problems so I removed trust for the app and re-added it by
issuing the following commands:

caspol -rg CafeSystem
caspol -m -ag All_Code -url file://server/folder/* FullTrust -n
CafeSystem

It seemed to grant trust successfully and when I execute the following
command:

caspol -rsg "\\Server\folder\Cafe System.exe"

I get this output:

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727>caspol -rsg
"\\server\folderCafe System.exe"
Microsoft (R) .NET Framework CasPol 2.0.50727.42
Copyright (c) Microsoft Corporation. All rights reserved.


Level = Enterprise

Code Groups:

1. All code: FullTrust


Level = Machine

Code Groups:

1. All code: Nothing
1.2. Zone - Intranet: LocalIntranet
1.2.1. All code: Same site Web
1.2.2. All code: Same directory FileIO - 'Read, PathDiscovery'
1.6. Url - file://lps18202/cafeadm/*: FullTrust


Level = User

Code Groups:

1. All code: FullTrust

Success'


So it seems as if FullTrust has been successfully granted yet the
program crashes. The person on whose machine this will be run has all
the necessary permissions on the server and shared folder. So I don't
think it is a permissions issue. The machine is running W2K SP4. The
app ran successfully on this same machine before but I am at a loss as
to how to proceed.

Anyone care to offer any insight?

Thanks,

 

[Nicholas Paldino [.NET/C# MVP]]

Chris,

Well, if it is not a permissions issue, what exactly is the exception
that is being thrown?

Also, I would recommend granting permissions using a strong name key for
the program, and not for the location.

 

[Chris Dunaway]

Well, if it is not a permissions issue, what exactly is the exception
that is being thrown?

Well, it is not throwing an exception. It just pops up the standard
Windows Crash Dialog. I added some crude error logging to a text file
and I have determined that the program is, in fact, running. The error
seems to be caused by the following method:

//Encrypts the connectionStrings section of the .config file if
not already
static void ConfigEncryption()
{

string exeName = Assembly.GetExecutingAssembly().Location;

// Open the configuration file and retrieve
// the connectionStrings section.
Configuration config =
ConfigurationManager.OpenExeConfiguration(exeName);
ConnectionStringsSection section =
config.GetSection("connectionStrings") as ConnectionStringsSection;

//Only encrypt it if not already encrypted.
if (!section.SectionInformation.IsProtected)
{
// Encrypt the section.

section.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");

// Save the current configuration if we encrypted it
config.Save();
}
}

I have log message that show it reaches this method and then crashes.
I don't know at this point where inside this method it dies, but if it
throws an exception, it is not being caught by my ThreadException
handler.

BTW: This method is static because it is being called from static void
main.

The machine it is running on is W2K SP4

 

[Chris Dunaway]

Well, it is not throwing an exception. It just pops up the standard

Wel I finally managed to catch the exception. I have pasted the
exception below. It occurs on the following line:

ConnectionStringsSection section =
config.GetSection("connectionStrings") as ConnectionStringsSection;

The code attempts to encrypt the connectionStrings section of the
app.config upon first run of the application.

The first time I ran the code from my development machine. The
connection string section was encrypted. The next time I ran it, I ran
it from the other machine so I am speculating that the other machine
could not decrypt what was encrypted on my machine.

Any ideas?

EXCEPTION TEXT:

Failed to decrypt using provider 'DataProtectionConfigurationProvider'.
Error message from the provider: Key not valid for use in specified
state. (Exception from HRESULT: 0x8009000B) (\\lps18202\CafeAdm\Cafe
System.exe.config line 12): at
System.Configuration.BaseConfigurationRecord.EvaluateOne(String[] keys,
SectionInput input, Boolean isTrusted, FactoryRecord factoryRecord,
SectionRecord sectionRecord, Object parentResult)
at
System.Configuration.BaseConfigurationRecord.Evaluate(FactoryRecord
factoryRecord, SectionRecord sectionRecord, Object parentResult,
Boolean getLkg, Boolean getRuntimeObject, Object& result, Object&
resultRuntimeObject)
at
System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String
configKey, Boolean getLkg, Boolean checkPermission, Boolean
getRuntimeObject, Boolean requestIsHere, Object& result, Object&
resultRuntimeObject)
at System.Configuration.BaseConfigurationRecord.GetSection(String
configKey, Boolean getLkg, Boolean checkPermission)
at System.Configuration.Configuration.GetSection(String sectionName)
at Com.Leggett.Cafe.Register.Program.ConfigEncryption()
at Com.Leggett.Cafe.Register.Program.Main(String[] args)
Key not valid for use in specified state. (Exception from HRESULT:
0x8009000B): at
System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo)
at System.Runtime.InteropServices.Marshal.ThrowExceptionForHR(Int32
errorCode)
at
System.Configuration.DpapiProtectedConfigurationProvider.DecryptText(String
encText)
at
System.Configuration.DpapiProtectedConfigurationProvider.Decrypt(XmlNode
encryptedNode)
at
System.Configuration.Internal.InternalConfigHost.System.Configuration.Internal.IInternalConfigHost.DecryptSection(String
encryptedXml, ProtectedConfigurationProvider protectionProvider,
ProtectedConfigurationSection protectedConfigSection)
at
System.Configuration.Internal.DelegatingConfigHost.DecryptSection(String
encryptedXml, ProtectedConfigurationProvider protectionProvider,
ProtectedConfigurationSection protectedConfigSection)
at
System.Configuration.Internal.DelegatingConfigHost.DecryptSection(String
encryptedXml, ProtectedConfigurationProvider protectionProvider,
ProtectedConfigurationSection protectedConfigSection)
at
System.Configuration.BaseConfigurationRecord.CallHostDecryptSection(String
encryptedXml, ProtectedConfigurationProvider protectionProvider,
ProtectedConfigurationSection protectedConfig)
at
System.Configuration.BaseConfigurationRecord.DecryptConfigSection(ConfigXmlReader
reader, ProtectedConfigurationProvider protectionProvider)

 

[Chris Dunaway]

Well, the reason it was failing is because the
"DataProtectionConfigurationProvider" which was being used bases its
keys off the machine it is running on. So, when I initially ran the
app on my machine, the connectionStrings section was encrypted based on
my machine. Later attempting to run the app from another machine
failed because the other machine did not have the keys to decrypt the
connectionStrings section.

I'm not sure what I can do. The app will be installed on a network
share and run from there but there will be more than one person who may
access the app from their work stations. How can I specify a single
key to decrypt the connectionString section that will work from all the
machines used to access the app?

Thanks,

Chris