Sikkerhedsproblemer med asp.net og "web.config"
Hej folkens,Først fik jeg følgende:
Server Error in '/' Application.
--------------------------------------------------------------------------------
Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Requested registry access is not allowed.
Source Error:
[No relevant source lines]
Source File: c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\3267a2e5\a9b85171\App_Web_hn04q_3f.0.cs Line: 0
Stack Trace:
[SecurityException: Requested registry access is not allowed.]
System.ThrowHelper.ThrowSecurityException(ExceptionResource resource) +48
Microsoft.Win32.RegistryKey.OpenSubKey(String name, Boolean writable) +2780889
System.Diagnostics.EventLog.CreateEventSource(EventSourceCreationData sourceData) +360
System.Diagnostics.EventLog.CreateEventSource(String source, String logName) +41
DK.Sydbank.TFO.Mapping.MappingObj.InitEventLog() +35
DK.Sydbank.TFO.Mapping.MappingObj..ctor() +24
DK.Sydbank.TFO.Mapping.MappingObj.GetInstance() +29
DK.Sydbank.TFO.Mapping.CreateUsers.dlgCreateUserWizard_CreatedUser(Object sender, EventArgs e) +15
System.Web.UI.WebControls.CreateUserWizard.OnCreatedUser(EventArgs e) +105
System.Web.UI.WebControls.CreateUserWizard.AttemptCreateUser() +341
System.Web.UI.WebControls.CreateUserWizard.OnNextButtonClick(WizardNavigationEventArgs e) +105
System.Web.UI.WebControls.Wizard.OnBubbleEvent(Object source, EventArgs e) +453
System.Web.UI.WebControls.CreateUserWizard.OnBubbleEvent(Object source, EventArgs e) +149
System.Web.UI.WebControls.WizardChildTable.OnBubbleEvent(Object source, EventArgs args) +17
System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) +35
System.Web.UI.WebControls.Button.OnCommand(CommandEventArgs e) +115
System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +163
System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) +7
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +11
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +33
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +6953
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +154
System.Web.UI.Page.ProcessRequest() +86
System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) +18
System.Web.UI.Page.ProcessRequest(HttpContext context) +49
ASP.createusers_aspx.ProcessRequest(HttpContext context) in c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\3267a2e5\a9b85171\App_Web_hn04q_3f.0.cs:0
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +154
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +64
Herefter indsatte jeg følgende i "web.config":
<location allowOverride="true">
<system.web>
<securityPolicy>
<trustLevel name="Full" policyFile="internal" />
<trustLevel name="High" policyFile="web_hightrust.config" />
<trustLevel name="Medium" policyFile="web_mediumtrust.config" />
<trustLevel name="Low" policyFile="web_lowtrust.config" />
<trustLevel name="Minimal" policyFile="web_minimaltrust.config"/>
</securityPolicy>
<trust
level="Full"
originUrl=""
processRequestInApplicationTrust="true"
/>
</system.web>
</location>
Så får jeg følgende:
Server Error in '/' Application.
--------------------------------------------------------------------------------
Unable to read the security policy file for trust level 'High'.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Web.HttpException: Unable to read the security policy file for trust level 'High'.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[HttpException (0x80004005): Unable to read the security policy file for trust level 'High'.]
System.Web.HttpRuntime.SetTrustLevel(TrustSection trustSection, SecurityPolicySection securityPolicySection) +467
System.Web.HttpRuntime.HostingInit(HostingEnvironmentFlags hostingFlags) +239
[HttpException (0x80004005): Unable to read the security policy file for trust level 'High'.]
System.Web.HttpRuntime.FirstRequestInit(HttpContext context) +3426839
System.Web.HttpRuntime.EnsureFirstRequestInit(HttpContext context) +88
System.Web.HttpRuntime.ProcessRequestInternal(HttpWorkerRequest wr) +149
Hvad kan jeg gøre?
Mvh.
Rocco