代码访问安全策略问题 - 将第三方DLL部署到bin

时间:2010-10-15 17:36:57

标签: c# asp.net sharepoint code-access-security wspbuilder

好吧,我想你们大多数人都使用wspbuilder来构建wsp解决方案并进行部署。所以这是我的问题。

我正在开发一个SharePoint解决方案,该解决方案利用第三方dll(Telerik for Asp.Net Ajax - Telerik.Web.UI.dll)获得丰富的体验。由于Telerik DLL是一个常见的程序集,我必须将其部署到Web应用程序的bin文件夹而不是GAC。所以这就出现了问题。

如果dll出现在GAC文件夹中,WSPBuilder会自动将dll部署到gac。要在bin中部署telerik dll,我创建了文件夹80 \ bin并将dll复制到那里。我试图再次构建wsp,然后通过创建的manifest.xml。大。 dll的部署目标已更改为WebApplication,而wspbuilder非常智能,可以自行创建cas策略。

<CodeAccessSecurity>
        <PolicyItem>
            <PermissionSet class="NamedPermissionSet" version="1" Description="WSPBuilder generated permissionSet" Name="Telerik.Web.UI4a48967c-0673-4c67-a176-ca7c72c30c4d">
                <IPermission class="PrintingPermission" version="1" Level="DefaultPrinting" />
                <IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Flags="SerializationFormatter" />
                <IPermission class="SharePointPermission" version="1" ObjectModel="True" />
                <IPermission class="EnvironmentPermission" version="1" Read="TEMP;TMP;USERNAME;OS;COMPUTERNAME" />
                <IPermission class="System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Level="Minimal" />
                <IPermission class="WebPartPermission" version="1" Connections="True" />
                <IPermission class="FileIOPermission" version="1" Read="$AppDir$" Write="$AppDir$" Append="$AppDir$" PathDiscovery="$AppDir$" />
                <IPermission class="WebPermission" version="1">
                    <ConnectAccess>
                        <URI uri="$OriginHost$" />
                    </ConnectAccess>
                </IPermission>
                <IPermission class="IsolatedStorageFilePermission" version="1" Allowed="AssemblyIsolationByUser" UserQuota="9223372036854775807" />
                <IPermission class="DnsPermission" version="1" Unrestricted="true" />
                <IPermission class="SmtpPermission" version="1" Access="Connect" />
                <IPermission class="SqlClientPermission" version="1" Unrestricted="true" />
            </PermissionSet>
            <Assemblies>
                <Assembly Name="Telerik.Web.UI" Version="2010.2.826.35" PublicKeyBlob="002400000480000094000000060200000024000052534131000400000100010069F31F753C891D9F7F9D1CD0B579F61977769A5A48E01247CC2481C8765613854C8DCB5101DD092D5075A7339B4E34D0C9BD417F54972C7554AE480D6B1BB17BE8C1527554644BBD352D9498B174EAFF1090A30E1F7C2C3073669CB3EFC7D9640E82049F5FDA08CA58072C14169091A0BC7092EB6DE9C2A249A3C80F7704E5CF" />
            </Assemblies>
        </PolicyItem>
    </CodeAccessSecurity>

但是Wspbuilder不够聪明,不能将SharePointPermission IPermission类的四个部分名称放在一起。但我了解到CAS实际上需要四个部分的名称。所以我决定使用wspbuilder.exe的-CustomCAS命令行选项来传递我的自定义cas策略文件。

这是我的自定义政策文件 - 

<IPermission class="AspNetHostingPermission" version="1" Level="Minimal" />

<IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Flags="Execute" />

<IPermission class="Microsoft.SharePoint.Security.SharePointPermission, Microsoft.SharePoint.Security, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" version="1" ObjectModel="True" UnsafeSaveOnGet="True" Unrestricted="True" />

<IPermission class="System.Security.Permissions.EnivronmentPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Read="UserName" />

因此在构建wsp之后,manifest.xml的cas部分读取了这个 - 

<CodeAccessSecurity>
        <PolicyItem>
            <PermissionSet class="NamedPermissionSet" version="1" Description="WSPBuilder generated permissionSet" Name="Telerik.Web.UIa2cbae96-9c52-459e-80f6-3391af7775ae">
                <IPermission class="PrintingPermission" version="1" Level="DefaultPrinting" />
                <IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Flags="SerializationFormatter" />
                <IPermission class="SharePointPermission" version="1" ObjectModel="True" />
                <IPermission class="EnvironmentPermission" version="1" Read="TEMP;TMP;USERNAME;OS;COMPUTERNAME" />
                <IPermission class="System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Level="Minimal" />
                <IPermission class="WebPartPermission" version="1" Connections="True" />
                <IPermission class="FileIOPermission" version="1" Read="$AppDir$" Write="$AppDir$" Append="$AppDir$" PathDiscovery="$AppDir$" />
                <IPermission class="WebPermission" version="1">
                    <ConnectAccess>
                        <URI uri="$OriginHost$" />
                    </ConnectAccess>
                </IPermission>
                <IPermission class="IsolatedStorageFilePermission" version="1" Allowed="AssemblyIsolationByUser" UserQuota="9223372036854775807" />
                <IPermission class="DnsPermission" version="1" Unrestricted="true" />
                <IPermission class="SmtpPermission" version="1" Access="Connect" />
                <IPermission class="SqlClientPermission" version="1" Unrestricted="true" />
                <IPermission class="AspNetHostingPermission" version="1" Level="Minimal" />

                <IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Flags="Execute" />

                <IPermission class="Microsoft.SharePoint.Security.SharePointPermission, Microsoft.SharePoint.Security, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" version="1" ObjectModel="True" UnsafeSaveOnGet="True" Unrestricted="True" />

                <IPermission class="System.Security.Permissions.EnivronmentPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Read="UserName" />
            </PermissionSet>
            <Assemblies>
                <Assembly Name="Telerik.Web.UI" Version="2010.2.826.35" PublicKeyBlob="002400000480000094000000060200000024000052534131000400000100010069F31F753C891D9F7F9D1CD0B579F61977769A5A48E01247CC2481C8765613854C8DCB5101DD092D5075A7339B4E34D0C9BD417F54972C7554AE480D6B1BB17BE8C1527554644BBD352D9498B174EAFF1090A30E1F7C2C3073669CB3EFC7D9640E82049F5FDA08CA58072C14169091A0BC7092EB6DE9C2A249A3C80F7704E5CF" />
            </Assemblies>
        </PolicyItem>
    </CodeAccessSecurity>

我部署了wsp后我验证了

* the dlls going to bin
* the trust level changed to custom trust level
* custom policy file being added to config folder

但是当我运行页面时,我收到以下错误 -

屏幕截图 -

alt text

错误 -

执行权限被拒绝

堆栈追踪 -

告诉我你是否想要堆栈跟踪。这有点令人讨厌。

我已经检查了我的整个应用程序是否有任何dll的程序集引用。但我找不到一个。有什么想法吗?

1 个答案:

答案 0 :(得分:2)

我认为你的CAS政策中只有一个错字:

<IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Flags="Execute" />

应该是Flags="Execution"而不是"Execute"

相关问题
最新问题