我们遇到了命令行(批处理)应用程序和完全/部分信任的问题。如何使我的应用程序以完全信任模式运行 - .NET 4.0控制台应用程序
我们以前的版本(版本号7.13.0.63)工作正常,然而,当我们安装新版本(7.13.0.249),我们得到一个“那集不允许部分受信任的调用方”。
例外:
Stack Trace (edited):
at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandleInternal& ctor, Boolean& bNeedSecurityCheck)
at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean skipCheckThis, Boolean fillCache)
at System.RuntimeType.CreateInstanceDefaultCtor(Boolean publicOnly, Boolean skipVisibilityChecks, Boolean skipCheckThis, Boolean fillCache)
at System.Activator.CreateInstance[T]()
at <Company>.Service.<Product>.Proxy.Factories.ControllerProxyFactory.Create[T]()
<Stack Trace that leads to creation of a WCF client> ...
Inner Exception:
An error occurred creating the configuration section handler for system.serviceModel/behaviors: That assembly does not allow partially trusted callers. (C:\Program Files (x86)\InsuranceLine\ListLoader\InsuranceLine.ListLoader.Launcher.exe.Config line 53)
Stack Trace:
at System.Configuration.BaseConfigurationRecord.EvaluateOne(String[] keys, SectionInput input, Boolean isTrusted, FactoryRecord factoryRecord, SectionRecordsectionRecord, Object parentResult)
at System.Configuration.BaseConfigurationRecord.Evaluate(FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentResult, Boolean getLkg, Boolean getRuntimeObject, Object& result, Object& resultRuntimeObject)
at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
at System.Configuration.BaseConfigurationRecord.GetSection(String configKey)
at System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(String sectionName)
at System.Configuration.ConfigurationManager.GetSection(String sectionName)
at System.ServiceModel.Activation.AspNetEnvironment.UnsafeGetSectionFromConfigurationManager(String sectionPath)
at System.ServiceModel.Activation.AspNetEnvironment.UnsafeGetConfigurationSection(String sectionPath)
at System.ServiceModel.Configuration.ConfigurationHelpers.UnsafeGetAssociatedSection(ContextInformation evalContext, String sectionPath)
at System.ServiceModel.Description.ConfigLoader.LookupChannel(ContextInformation configurationContext, String configurationName, ContractDescription contract, EndpointAddress address, Boolean wildcard, Boolean useChannelElementKind, ServiceEndpoint& serviceEndpoint)
at System.ServiceModel.ChannelFactory.InitializeEndpoint(String configurationName, EndpointAddress address)
at System.ServiceModel.ChannelFactory`1..ctor(String endpointConfigurationName, EndpointAddress remoteAddress)
<Stack Trace that determines the correct WCF factory to create>
Inner Exception:
That assembly does not allow partially trusted callers.
Stack Trace:
at System.Security.CodeAccessSecurityEngine.ThrowSecurityException(RuntimeAssembly asm, PermissionSet granted, PermissionSet refused, RuntimeMethodHandleInternal rmh, SecurityAction action, Object demand, IPermission permThatFailed)
at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandleInternal& ctor, Boolean& bNeedSecurityCheck)
at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean skipCheckThis, Boolean fillCache)
at System.RuntimeType.CreateInstanceDefaultCtor(Boolean publicOnly, Boolean skipVisibilityChecks, Boolean skipCheckThis, Boolean fillCache)
at System.Activator.CreateInstance(Type type, Boolean nonPublic)
at System.ServiceModel.Configuration.ServiceModelExtensionCollectionElement`1.CreateNewSection(String name)
at System.ServiceModel.Configuration.ServiceModelExtensionCollectionElement`1.DeserializeElementCore(XmlReader reader)
at System.ServiceModel.Configuration.ServiceModelExtensionCollectionElement`1.DeserializeElement(XmlReader reader, Boolean serializeCollectionKey)
at System.Configuration.ConfigurationElementCollection.OnDeserializeUnrecognizedElement(String elementName, XmlReader reader)
at System.Configuration.ConfigurationElement.DeserializeElement(XmlReader reader, Boolean serializeCollectionKey)
at System.Configuration.ConfigurationElement.DeserializeElement(XmlReader reader, Boolean serializeCollectionKey)
at System.Configuration.ConfigurationSection.DeserializeSection(XmlReader reader)
at System.Configuration.RuntimeConfigurationRecord.RuntimeConfigurationFactory.CreateSectionImpl(RuntimeConfigurationRecord configRecord, FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentConfig, ConfigXmlReader reader)
at System.Configuration.RuntimeConfigurationRecord.RuntimeConfigurationFactory.CreateSectionWithRestrictedPermissions(RuntimeConfigurationRecord configRecord, FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentConfig, ConfigXmlReader reader)
at System.Configuration.RuntimeConfigurationRecord.CreateSection(Boolean inputIsTrusted, FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentConfig, ConfigXmlReader reader)
at System.Configuration.BaseConfigurationRecord.CallCreateSection(Boolean inputIsTrusted, FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentConfig, ConfigXmlReader reader, String filename, Int32 line)
关于我们用于部署产品的过程,我们使用通过WiX创建的MSI。我们执行下列步骤:
- 卸载以前版本的产品
- 复制的MSI从网络共享(两个版本相同的份额,根据版本的不同子目录)
- 安装MSI作为管理员
- 这将安装到C:\ Program Files文件(x86)的
的只有2个版本之间的变化是:
- 额外的AppSettings项目的app.config文件(myapp.exe.config)列入指定事务超时
- 更改“使用新的TransactionScope() “to”使用新的TransactionScope(TransactionScopeOption.Required,timeoutValueReadFromAppSettingsAndStoredInLocalVariable)“
- 创建WCF客户端在此事务范围之外。
附加信息:
- 异常不会发生在我们的任何开发/分期/ QA /预生产环境。它只发生在我们的生产应用服务器上。
- 我们正在将Windows 7推广到我们的组织,因此企业策略可能已经发生变化。
- 该应用程序面向.Net Framework 4。0
- 如果我们卸载新版本,并重新安装老版本(包括网络共享副本)旧版本工作正常,仍然
- 本机正在安装为Windows Server 2008 R2
- 本机是一种是在VMware环境中托管的虚拟机
理想我想知道的几件事情:
- 如何改变组件(或设定权限安装后),以便它可以运行我呐完全信任模式
- 如何复制在开发/分期/ QA环境问题
- 明确将“不信任”大会可能重现,但我想重现它在相同的方式生产,这样,当它是安装它被认定为不可信,在我看来,做这件事的方式与“复制”网络共享有关,我从MSI /程序集中复制MSI或可能“不信任”发布者信息。
- 如何配置生产应用服务器/安全策略,以便将来安装是完全可信的(接听项目2很可能会回答这个问题)
感谢
添加了其他信息该服务器是在VMWare中托管的虚拟服务器。 – Sean
您是否找到解决方案?我遇到类似的问题。我想运行我的应用程序(EXE)完全或高信任,我也使用WiX来生成安装程序? –
对不起Darshan,我没有找到真正的解决方案。 2-3天后,新版本的安装工作正常(从同一网络位置完全相同的MSI)。但是,没有人会承认对环境做出任何改变,并且自那以后我一直无法复制这个问题。 – Sean