我遇到了一个非常棘手的问题。我有一个我刚刚修改的Web应用程序,它允许客户提供可用于挂接到实体保存管道的自定义程序集。这些自定义程序集是在实体持久化到数据库时通过反射加载的。它们是指处理所有数据访问的通用DAL程序集。通过反射加载的程序集中的SqlClientPermission失败
我有一个测试服务器(Win2k3),该系统的工作完美无瑕。现在我已经将它推送到我的生产服务器集群(一个Win2k3和一个Win2k8),我的自定义程序集第一次调用访问数据库的DAL方法(SQL2005)。我收集的日志信息表明获取SqlClientPermission失败。与最佳做法相反,我的网络应用程序以完全信任模式运行。我的自定义程序集是强命名的。
有什么建议可以在我的测试服务器配置和我的生产服务器配置之间寻找差异吗?如果这不是适当的论坛,哪一个是?
感谢, 马修
不是一个答案,但更多的信息比我可以把评论...
现在,这是一个Win2k8 VS WIN2K3问题,因为我不再获得将出现集群中Win2k3服务器日志中的任何异常。
基本上,发生什么事是我们的实体保存管道检查,看看被保存的实体类型是否实现了某个接口。如果是这样,那么应用程序将出现在数据库中以检索实现客户特定的预保存和保存后功能的类的程序集和类名称。这些程序集位于名为“Assemblies \”的文件夹中的“App_Data”文件夹下。应用程序然后加载程序集;使用反射将该程序集中的适当类实例化为接口,然后在该接口上调用前后保存方法,以针对该特定实体类型执行客户特定的操作。在我们的例子中,这个自定义操作使用我们的DAL(使用LLBLGen,FWIW)实体类来执行一些数据库操作。
我最初的问题是,我得到了一个关于不允许部分信任调用者的SecurityException,所以我装饰了与“AllowPartiallyTrustedCallers”属性一起使用的程序集。我实例化一个SqlClientPermission和“Assert()”它,但我没有在任何地方实际授予该权限(除了我的Web应用程序在FullTrust中运行)。
感谢力所能及的帮助,您可以提供...
马修
这里是异常的的ToString()输出获取引发:
Error performing post-save operation on entity 373c595e-843b-45a1-82d0-aa166daf75de of type SS2DAL.EntityClasses.SurveyResponseEntity: SD.LLBLGen.Pro.ORMSupportClasses.ORMQueryExecutionException: An exception was caught during the execution of a retrieval query: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.. Check InnerException, QueryExecuted and Parameters of this exception to examine the cause of this exception. ---> System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet)
at System.Security.CodeAccessPermission.Demand()
at System.Data.SqlClient.SqlCommand.ExecuteReader(CommandBehavior behavior, String method)
at System.Data.SqlClient.SqlCommand.ExecuteDbDataReader(CommandBehavior behavior)
at System.Data.Common.DbCommand.System.Data.IDbCommand.ExecuteReader(CommandBehavior behavior)
at SD.LLBLGen.Pro.ORMSupportClasses.RetrievalQuery.Execute(CommandBehavior behavior)
The action that failed was:
Demand
The type of the first permission that failed was:
System.Data.SqlClient.SqlClientPermission
The first permission that failed was:
<IPermission
version="1"
AllowBlankPassword="False">
<add KeyRestrictions=""
KeyRestrictionBehavior="AllowOnly"/>
</IPermission>
The demand was for:
<IPermission
version="1"
AllowBlankPassword="False">
<add KeyRestrictions=""
KeyRestrictionBehavior="AllowOnly"/>
</IPermission>
The granted set of the failing assembly was:
<PermissionSet
version="1">
<IPermission
version="1"
Access="Open"/>
<IPermission
version="1"
Allowed="ApplicationIsolationByUser"
UserQuota="512000"/>
<IPermission
version="1"
Flags="Execution"/>
<IPermission
version="1"
Window="SafeTopLevelWindows"
Clipboard="OwnClipboard"/>
<IPermission
version="1"
PublicKeyBlob="0024000004800000940000000602000000240000525341310004000001000100B55C03865E07BCB230B04EF7D9ACF1E7BF41C618DB1327895C25328446039F51CF237A50989E542D3FA9BB5991D303388C5AAC7AE4E071CD7B42B96B16256FF905EC610107DB2A0872E971253919BA528187489FC89FD083118F562319BF3B66CB79035EC50D2291561D4F2B9733AD5E0ECD9BFF9B80B94C40F5888D4E1C5BDD"
Name="ProjectHelpers.Extensions"
AssemblyVersion="2.2009.208.1821"/>
<IPermission
version="1"
Url="file://dc01.bizspeed.datacenter/websites/sitesupervisor files/prjh/ProjectHelpers.Extensions.dll"/>
<IPermission
version="1"
Zone="Internet"/>
<IPermission
version="1"
Level="SafePrinting"/>
</PermissionSet>
The assembly or AppDomain that failed was:
ProjectHelpers.Extensions, Version=2.2009.208.1821, Culture=neutral, PublicKeyToken=4405fd38c7d52787
The method that caused the failure was:
SD.LLBLGen.Pro.ORMSupportClasses.EntityBase2 AfterSave(SD.LLBLGen.Pro.ORMSupportClasses.EntityBase2, SD.LLBLGen.Pro.ORMSupportClasses.DataAccessAdapterBase)
The Zone of the assembly that failed was:
Internet
The Url of the assembly that failed was:
file://dc01.bizspeed.datacenter/websites/sitesupervisor files/prjh/ProjectHelpers.Extensions.dll
--- End of inner exception stack trace ---
at SD.LLBLGen.Pro.ORMSupportClasses.RetrievalQuery.Execute(CommandBehavior behavior)
at SD.LLBLGen.Pro.ORMSupportClasses.DataAccessAdapterBase.ExecuteSingleRowRetrievalQuery(IRetrievalQuery queryToExecute, IEntityFields2 fieldsToFill, IFieldPersistenceInfo[] fieldsPersistenceInfo)
at SD.LLBLGen.Pro.ORMSupportClasses.DataAccessAdapterBase.FetchEntityUsingFilter(IEntityFields2 fieldsToFetch, IFieldPersistenceInfo[] persistenceInfos, IRelationPredicateBucket filter)
at SD.LLBLGen.Pro.ORMSupportClasses.DataAccessAdapterBase.FetchEntityUsingFilter(IEntity2 entityToFetch, IPrefetchPath2 prefetchPath, Context contextToUse, IRelationPredicateBucket filter, ExcludeIncludeFieldsList excludedIncludedFields)
at SD.LLBLGen.Pro.ORMSupportClasses.DataAccessAdapterBase.FetchEntity(IEntity2 entityToFetch, IPrefetchPath2 prefetchPath, Context contextToUse, ExcludeIncludeFieldsList excludedIncludedFields)
at SD.LLBLGen.Pro.ORMSupportClasses.DataAccessAdapterBase.FetchEntity(IEntity2 entityToFetch, IPrefetchPath2 prefetchPath)
at ProjectHelpers.Extensions.SurveyResponseSaveHelper.AfterSave(EntityBase2 entity, DataAccessAdapterBase adapter)
at SS2.RemoteObjects.DataPortal.EntitySaveWithoutRemoting(EntityBase2 entity, AuditSettings auditSettings, AuthTicket at) [NDC:(null)]
这里是方法在弹反射的物体上:
public EntityBase2 AfterSave(EntityBase2 entity, DataAccessAdapterBase adapter)
{
SurveyResponseEntity response = entity as SurveyResponseEntity;
if (response.IsComplete) // we only really want to do this if the survey has been completed.
{
SurveyEntity survey = new SurveyEntity(response.SurveyRefId);
IPrefetchPath2 questionSetPath = new PrefetchPath2((int)SS2DAL.EntityType.SurveyEntity);
IPredicateExpression filter = new PredicateExpression(QuestionSetFields.Current == 1);
questionSetPath.Add(SurveyEntity.PrefetchPathQuestionSetCollection, 1, filter)
.SubPath.Add(QuestionSetEntity.PrefetchPathQuestionPageCollection)
.SubPath.Add(QuestionPageEntity.PrefetchPathQuestionCollection);
if (adapter.FetchEntity(survey, questionSetPath))
{
// we need to instantiate the survey template save handler from this survey response (if it exists)
// then execute
if (!String.IsNullOrEmpty(survey.PostSaveAssemblyName) && !String.IsNullOrEmpty(survey.PostSaveClassName))
{
try
{
string assemblyPath = (new FileService()).GetRootAssemblyURL();
Assembly asm = Assembly.Load(File.ReadAllBytes(Path.Combine(assemblyPath, survey.PostSaveAssemblyName)));
if (asm != null)
{
Type t = asm.GetType(survey.PostSaveClassName);
ISurveyPostSaveHandler cls = (ISurveyPostSaveHandler)Activator.CreateInstance(t);
if (cls != null)
{
cls.AfterSave(response, survey, adapter);
}
}
}
catch (Exception ex)
{
// at some point, we need to add some logging here.
Logger.ErrorFormat("There was an error post-processing survey response {0} from survey {1}: {2}", response.SurveyResponseId, survey.Name, ex.ToString());
throw ex;
}
}
}
else
{
Logger.ErrorFormat("Could not post process response {0} because the parent survey could not be located", response.SurveyResponseId);
throw new ApplicationException(String.Format("Could not post process response {0} because the parent survey could not be located", response.SurveyResponseId));
}
}
return response;
}
#endregion
}
我碰到类似的是起诉没有反思。我正在将一个已编译的项目从我的Win 2k3机器移至Win 2k8。 - 在IIS中,在您要访问的bin文件夹下右键单击。 - 转到“编辑权限...”。 - 在“常规”选项卡的最底部,可能有一个按钮显示“解除锁定”。
赢2k8似乎不喜欢从其他环境复制的DLL。
您能提供执行数据访问的代码片段以及它返回的特定错误消息吗? – 2009-07-31 19:43:17
他们太长了,所以我把他们作为新的“答案” – 2009-07-31 19:51:46