This project has moved and is read-only. For the latest updates, please go here.

Medium Trust - Security Exception

May 3, 2010 at 4:33 AM

Has anyone successfully run Graffiti CMS 1.3 in Medium Trust? I first ran into errors when Graffiti was trying to load the Lucene.Net.dll and then when I got it to go past that I get the following:

 

Server Error in '/' Application.

Security Exception

Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: That assembly does not allow partially trusted callers.

Source Error:

Line 86:         }
Line 87:         
Line 88:         GraffitiContext graffitiContext = GraffitiContext.Create(Context);
Line 89:         graffitiContext.Theme = SiteSettings.Get().Theme;
Line 90: 


Source File: c:\inetpub\wwwroot\Global.asax    Line: 88

Stack Trace:

[SecurityException: That assembly does not allow partially trusted callers.]
   Graffiti.Core.GraffitiContext..ctor(HttpContext context) in GraffitiContext.cs:48
   Graffiti.Core.GraffitiContext.Create(HttpContext context) in GraffitiContext.cs:105
   ASP.global_asax.Application_BeginRequest(Object sender, EventArgs e) in c:\inetpub\wwwroot\Global.asax:88
   System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +68
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75



Version Information: Microsoft .NET Framework Version:2.0.50727.4927; ASP.NET Version:2.0.50727.4927 

<!-- [SecurityException]: That assembly does not allow partially trusted callers. at Graffiti.Core.GraffitiContext..ctor(HttpContext context) at Graffiti.Core.GraffitiContext.Create(HttpContext context) in C:\Users\jeremyh\Documents\Visual Studio 2010\Projects\Graffiti CMS\Branches\v1.3\src\Graffiti.Core\UI\GraffitiContext.cs:line 105 at ASP.global_asax.Application_BeginRequest(Object sender, EventArgs e) in c:\inetpub\wwwroot\Global.asax:line 88 at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) -->

 

 

May 13, 2010 at 6:42 AM

Just a quick note to say that I updated my source to the latest version tonight, recompiled, and I agree: my site won't load under Medium trust. I can replicate this either setting Medium trust in IIS and viewing my site locally, or by refreshing my GoDaddy hosting and viewing it remotely. The symptom is the same: Lucene.Net.dll won't load. I can't use an earlier version since the source has been altered to use some new functionality in Lucene.Net.dll.

I've now reverted back to an earlier version of GraffitiCMS on my site.

Cheers, Julian

May 14, 2010 at 3:57 AM

I don't have the time right now to check this out further, but has anyone tried the steps laid out here:

http://www.klopfenstein.net/lorenz.aspx/lucene.net-on-medium-trust-nhibernate-search-part-2

If no one tries it out before then, I'll see if I can take a look at it this weekend and see if we can get it to work.

May 14, 2010 at 4:01 AM

 

Version Information: Microsoft .NET Framework Version:2.0.50727.4927; ASP.NET Version:2.0.50727.4927 

 

<!-- [SecurityException]: That assembly does not allow partially trusted callers. at Graffiti.Core.GraffitiContext..ctor(HttpContext context) at Graffiti.Core.GraffitiContext.Create(HttpContext context) in C:\Users\jeremyh\Documents\Visual Studio 2010\Projects\Graffiti CMS\Branches\v1.3\src\Graffiti.Core\UI\GraffitiContext.cs:line 105 at ASP.global_asax.Application_BeginRequest(Object sender, EventArgs e) in c:\inetpub\wwwroot\Global.asax:line 88 at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) -->

 

 

madkidd, I just noticed this in the stack trace you provided - you're running Graffiti in .Net 2.0? I don't know how well that is going to work overall - the project is set up for 3.5, so you may have multiple problems if you are running the site in the 2.0 framework.

May 14, 2010 at 4:13 AM

AFAIK that is just how IIS reports it back because the core of .NET 3.5 was 2.0 -- I have 3.5 installed and everything works fine when I go to Full Trust.

I did try the steps in the link you provided which is when I started getting the error listed here instead of the timeouts from the Lucene.Net not loading.

May 14, 2010 at 4:18 AM

Okay, I forgot about that part completely - makes perfect sense.

If you have that updated Lucene.Net dll available, can you update it in the source, so we can get everyone past that point and then work on the next error (the one you are getting now)?

May 14, 2010 at 4:28 AM

I just uploaded as a patch.

May 14, 2010 at 6:26 AM

Thanks for the patch! I just applied it, along with your RSS fix one.

BTW, I also added you to the Developers role so you can check-in directly going forward and don't need to submit patches (unless you want someone else to review it first). Hope you don't mind. :)

May 15, 2010 at 12:09 AM
Edited May 15, 2010 at 12:11 AM
I just refreshed with madkidd's patch (ie, the fixed Lucene.Net.dll), and in Medium Trust I now get System.Security.SecurityException was unhandled by user code Message="That assembly does not allow partially trusted callers." Source="Graffiti.Core" StackTrace: at Graffiti.Core.GraffitiContext..ctor(HttpContext context) at Graffiti.Core.GraffitiContext.Create(HttpContext context) at ASP.global_asax.Application_BeginRequest(Object sender, EventArgs e) at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) InnerException: Which is what madkidd was getting in his original message above. In Full Trust, obviously, there's no issue. Cheers, Julian
May 15, 2010 at 12:52 AM
Continuing... I note that the error occurs when instantiating a GraffitiContext. This class is descended from VelocityContext which is defined in NVelocity.dll. I note that NVelocity.dll is now strongly-signed but wasn't before. It sounds like some permissions problem with the strong-signing of NVelocity.dll and the dll being present locally rather than in the GAC. Something to do with the AllowPartiallyTrustedCallers attribute on that assembly? Cheers, Julian
May 15, 2010 at 9:04 PM

Okay, so does anyone know specifically what 1.1 of NVelocity provides in the way of features and fixes over 1.0? It doesn't look like we can get around this and it does not appear that the source for 1.1 is available for download that we could make changes to it. I found another version of NVelocity on codeplex (v1.6.1 supposedly), but that version doesn't appear to have been touched since early last year either. And using that version would probably be a much bigger deal because it appears to be a completely new conversion, not an upgrade from the version we are using currently.

My vote is to go back to 1.0 if there is no other way to fix this and we live with it until 1.1 can be fixed or another solution (potentially that 1.6.1 version) can be found.

May 16, 2010 at 4:17 AM

Okay, I finally got Graffiti 1.3 running in medium trust. I have not tested everything to make sure I didn't break something in the meantime, but wanted to go ahead and share my results.

  • I referenced the NVelocity.dll from Graffiti 1.2 from Graffiti.Core instead of the newer version provided in the 1.3 source.
  • Even so, I continued to have issues with Lucene.Net.dll loading. I went ahead and downloaded the latest source from https://svn.apache.org/repos/asf/lucene/lucene.net/, I opened in VS2010, changed to .NET 3.5 (shouldn't have done this as it probably had nothing to do with it), and then compiled. I referenced this newly built Lucene.Net.dll in my Graffiti.Core and Graffiti.Web projects and everything started working in medium trust.

I don't want to just commit the old NVelocity.dll and the new Lucene.Net.dll to source as I am not familiar with them enough to know if they are stable enough for us to be using or not.

If there aren't any major fixes with NVelocity 1.1 I too vote we go back to 1.0 and we'll also need to go with this latest build of Lucene.Net (2.9.2.1) for it to work in medium trust. I'll continue testing it out and let everyone know if I run into any issues. I've got a site I am working on right now that is very search heavy so I should be able to stress Graffiti's implementation of Lucene.Net and know pretty quickly if there are any issues.

I'll upload a patch right now with these two new files. If one of the coordinators sees fit they can apply the patch.

May 16, 2010 at 5:59 AM
Edited May 16, 2010 at 6:59 AM

Here is specifically what changed in NVelocity 1.1 http://github.com/castleproject/NVelocity/blob/master/Changes.txt

Looks like quite a bit. The source is available there as well.

That 1.6.1 version on codeplex was a branch started before 1.1 so its probably best to try and fix 1.1 using the source on github.

May 17, 2010 at 7:02 PM

Is everyone with this problem using IIS6? So far all the errors that anyone has shown by copy&paste or a screen shot appear to be IIS6. I'm trying to recreate the problem on IIS7 in medium or low trust and have had no errors what so ever, but maybe im just not duplicating the configuration properly.

I was going to try out the most current source of Nvelocity from here http://github.com/castleproject/NVelocity/zipball/3a4feac9e6a22e400f2428508f89255b71ca1b73 and see where we are at with the most current code as far as this problem goes, but then i couldnt recreate the problem even with the existing 1.1 dll.

May 17, 2010 at 7:07 PM
Config:
  • Windows Server 2008 R2 64-bit Edition with IIS 7.5
  • 32-bit mode enabled on the application pool
  • ASP.NET 3.5
  • Trust level set to "Medium" in framework's Web.config
May 17, 2010 at 7:31 PM

Well a bit of both :). Locally I'm using IIS7 in Windows 7 to test changes before uploading them, but my GoDaddy hosting account is set to IIS6. I see the Medium Trust problem in both cases.

 

Cheers, Julian

May 17, 2010 at 8:11 PM

Got it to fail. I guess the trust settings werent taking effect.

May 17, 2010 at 9:09 PM
Edited May 17, 2010 at 11:09 PM

There is still quite a bit of discussion on the castle project at http://groups.google.com/group/castle-project-users which may be a good place to express your concerns about medium trust. It appears there has already been some discussion in the past on the issue.

May 18, 2010 at 5:57 PM
Edited May 18, 2010 at 6:00 PM

I've just uploaded a patch with NVelocity 1.1 compiled without signing. (JMBucknall's idea)

This seems to have solved the issue on my test box. I made no other changes to the code.

When in medium trust I get that url routing warning on the dashboard even tho I'm on IIS7. Is anyone else seeing that? It goes away as soon as I put it back in full trust. Either way URL routing appears to be working.

May 19, 2010 at 3:06 PM
I won't be able to test this until Friday (on a business trip), but I'll take a look then. Cheers, Julian
May 19, 2010 at 7:26 PM

Regarding the URL routing warning on the dashboard, perhaps this is displayed because in Medium Trust, graffiti cannot make an "external request" to verify that its own url routing is working. You also cannot get any RSS feed updates so the syndication feed widget and twitter widget, for example, are useless. At least thats how it is for me, but maybe I've got this configured wrong?

May 22, 2010 at 3:41 AM
jkillebrew wrote:

When in medium trust I get that url routing warning on the dashboard even tho I'm on IIS7. Is anyone else seeing that? It goes away as soon as I put it back in full trust. Either way URL routing appears to be working.

I don't get this warning when in medium trust, and the RSS feeds seem to work fine. I am however using a bit modified medium trust which was provided by my hosting company.

May 23, 2010 at 4:23 AM

Thanks for getting the med trust issues. Most are my fault for failing to test under medium trust after upgrading the Lucene & NVelocity assemblies to modern versions. I was afraid of keeping really old versions for security/bug-fixes but should have tested lower trust levels earlier. Glad they were able to get resolved.

About the URL routing warning - it does a HttpRequest to an internal page to check if the url if routed. Many shared hosting companies use a trust level that is based on medium with certain features allowed like HttpRequests. But you're right it could be a false warning if you can't do a http request. Perhaps the code could check the trust level and not attempt to detect routing support... or anyone know of a more elegant way to detect if the current framework/server supports URL Routing?

May 24, 2010 at 5:59 PM

Just a quick note to say that the unsigned NVelocity dll removes all Medium Trust issues that I can see. My site now works reliably locally as well as on GoDaddy.

Cheers, Julian

May 24, 2010 at 6:08 PM
Edited May 24, 2010 at 6:09 PM

Julian, are you able to use the file uploader? I am having trouble with it, but I think it is the cloud environment I am in and not medium trust related. Just want to get confirmation from someone else they can use the uploader just fine in medium trust.

May 25, 2010 at 12:43 AM

@madkidd: Never, ever, used it, I'm afraid, not even with the original beta of GraffitiCMS 1.0. Always used FTP, me (FireFTP in Firefox to be exact). Wasn't there some issue with the version of Flash? Or was that ages ago?

Cheers, Julian

May 26, 2010 at 2:08 AM

@madkidd: I just tried using the file uploading code in my live website on GoDaddy in two separate ways with no issue. First I uploaded a new theme XML file from my desktop: worked fine and the theme files were properly unpacked and saved in a new folder. Then just for grins I uploaded a file to some arbitrary folder on the site using the File Browser app in the Graffiti admin portal: again no issue.

So, Graffiti's file uploading code seems to be working in Medium Trust with the latest changes.

Cheers, Julian

May 26, 2010 at 2:18 AM

Great, thank you Julian.