CodeAccessSecurity AspNetHostingPermission

Aug 13, 2007 at 10:13 AM
Hi there,

Based on the exceptions that are being thrown in my feature receiver:

Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed

I think I need this line in the manifest.xml

<IPersmission class="AspNetHostingPermission" version="1" Level="Minimal">

Do people think that is correct, and can I achieve this using WSPBuilder?

Thanks in advance,

Aug 14, 2007 at 11:32 PM
The wspbuilder was designed to pick up permissions for assemblies going into the bin folder of the webapplication. But if no permission attributes is found in the assembly, the wspbuilder uses a standard permission set.
Therefore if you need orther permissions than specified in the standard set, please specify all of them in the assembly. Simply put the required permissions attributes on the methods and classes.
It's currently not possible to specify a file with permissions to include for a specific assembly, but the source code is open and therefore enyone is welcome to implement this feature if they like. If enyone do so, I will be happy to include the feature into wspbuilder.
Aug 20, 2007 at 8:34 AM

I'm inexperimented concerning permission attributes and I have difficulties to make wspbuilder add the AspNetHostingPermission :
Even if i have :
AspNetHostingPermission(SecurityAction.Demand, Level=AspNetHostingPermissionLevel.Low) on classes (or SecurityAction.Require on assembly), WspBuider does not add the AspNetHostingPermission .

Could you give us a litlle exemple of how to make WspBuilder recognise the AspNetHostingPermission. (I saw it uses resolvepolicy(...) but I don't understand either how it works).

Thx a lot

Aug 21, 2007 at 11:37 PM
It seems that the wspbuilder do not function correctly when it has to pick up permissions specified in assemblies.
I'm currently working on a fix.
Sep 20, 2007 at 6:25 PM
Edited Sep 20, 2007 at 6:25 PM
The wspbuilder should now pick up permissions, but its not perfect. If there are more than one of each security attribute then only the first one is used.
I have not found any clear way to implement this feature. So if any one have made a Security Attibute discovery tool that he/she like to share, I'll be very grateful :)
Oct 16, 2007 at 10:24 AM
I think the solution I just posted in can solve your permission problem.