SecurityException Request Failed Reflection

[Guest]

I'm loading a strong named assembly using reflection through auto-deploy. The
code that loads the strong named assembly is compiled at runtime. The strong
named assembly gets downloaded to the Download Cache. I can create an instace
of the assembly's class and call its methods in my program. When I re-load
the same assembly and try to create an instace of the same class again, I
recieve
a SecurityException with the message Request Failed.

Does anyone know of this behavior?

 

[Kevin Yu [MSFT]]

Hi

We have reviewed this issue and are currently researching on it. We will
update you ASAP. Thanks for your patience!

Kevin Yu
=======
"This posting is provided "AS IS" with no warranties, and confers no
rights."

 

[[MSFT]]

Hello,

As I understand, if the code is not compiled at runtime, it can load the a
strong named assembly (in download cache) successfully. Is this right? Or
the error only occur when it was called second time? Have you try to load
another strong named assembly with same code? for example, you can create a
test assembly only with a simple method for test.

Luke

 

[Guest]

I further tested problem and here is my current set up.
I have a Smartclient exe that compiles a class X dynamically and runs a
mathod of X in a separate thread.
The X's method starts a async call and in the call back function, it tries
to create an instance of a strong named dll (by using reflection. Dll is
located in the web server). There is a security policy set for the stong name
and it is full trust.

Now,
If I run the X's method in the same thread then I don't get the problem and
if I set the full trust to url (not to strong name), I don't have the
problem. If I create an instance of this dll in the X's method, I don't have
any problem (but then I can't refer to the object in the call back function).

 

[[MSFT]]

So, the problem only occur when your security policy (full trust) is with
the dll's strong name, not its url. Is this right? Have you tried to create
a simple DLL instead of this strong name dll and test again? If the problem
even occur with a simple DLL, can you provide some sample code which can
reproduce the problem? I can try it on my side and try to find what is
going on.

Luke

 

[[MSFT]]

Yes, please remove "online." from my email to get actual one.

Thanks,

Luke

 

[[MSFT]]

Hello,

Thank you for the code. With it, I have reproduced the problem. And I aslo
try to trust this assembly in Microsoft .NET Framework Wizard. Following is
what I have done:

1. Click "Trust an Assembly" in the wizard
2. Select "Make Changes to this computer"
3. Type "http://YourServer/ExeFolder/myVBCompiler.exe" for the Url
4. Select "All assemblies with the same assembly public key.
5. Grant Full trust permission.

After above steps, the assembly seems to be working.

Is this same with yours?

Luke

 

[Guest]

Luke,
I tried your suggestion but still getting the same exception.
Do see any problem in our logic?

 

[[MSFT]]

Hello,

I found the exception occur at following lines:

objReturnARUtil1 = ReferToUtil("http://orange/myUtilTester/myUtil.dll",
"myUtil.myUtilClass")
...
objReturnARUtil = System.Activator.CreateInstance(formtype)

For trouble shooting, I create another simple class instead of
"myUtil.myUtilClass". After this, it seems to work. However, when I double
check it, I found I ignored following line for the simple test class:

<Assembly: AssemblyKeyFile("..\..\..\mykeyfile.snk")>

It seems it will work if we don't use same strong name for the assemblies.

Luke

 

[Guest]

For a simple class, omitting that line works but for a class that needs
permissions to execute, it's not going to work. So I would really want to
have strong naming with this assembly.
Do you have any suggestions? Or a way to change our logic but retain the
functionality?

 

[[MSFT]]

Hello,

Can you let know why you need objReturnARUtil1 here? I saw it didn't get
used after it was created in your code. Maybe this can help us to find a
work around.

Luke

 

[Guest]

In our real application objReturnARUtil is used. Of course it has some
functionality but since I can't even instantiate the class, I omitted the
usage of it. Even if we take out the code that instantiates the dll, I have
the same problem when I try to use the dummywebservice in the second thread.
(I tried this yesterday)
The DummyWebService class is instantiated, and we start an async call to
Method1 in the first thread (by calling beginMethod1). Then in the call back
function I'm calling endMethod1 to get the result. This also causes the
security exception. So I don't understand how one can use no touch
deployment, if we are to create a thread that will make async webservice
calls. I tried to pass the dummywebservice object as a parameter to callback
function (using Asycstate). But it still gives me the security exception.

 

[[MSFT]]

I found a solution and it worked on my side. You may try it in your project:

In project myUtil, open AssemblyInfo.vb, add following line:

Imports System.Security
...
<Assembly: AllowPartiallyTrustedCallers>

And then rebuild the solution and update the fiiles on web server.

Here is the article about AllowPartiallyTrustedCallers:

http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q814669

Hope this help,


Luke

 

[Guest]

Great thank you Luke