Tuesday, May 20, 2008

System.Security.SecurityException Request for the permision of type..... errors

I have been developing applications using the Revit API (based on the .Net framework) for my workplace. I have been storing these applications on a network drive and having each user simply run them from there. This allows easy updating and easy deployment. Unfortunately, Microsoft have battened down the hatches when it comes to security for applications not running off your hard drive. There are "Security Zones" in .net (you can see these on most machines in Administrative tools in .Net Framework Configuration), Intranet is one of them. The security level on Intranet is very high, just below the Internet level! So, any application running off a network drive will have issues if it tries to do anything other than basic GUI functionality. This includes TCP Streams (SocketPermission) and File Access(IOPermission). We have a file server which stores our files and programs, I want anything on that server to be trusted fully. After some searching I found a very helpful blog from "ShawnFa", who is a bit of a .Net security guru. So then, I just made a script which does: echo y|C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\caspol.exe -m -ag 1.2 -url file://server/share/* FullTrust changing the server and the share to the ones you want to allow. Echo Y takes away hte need for the user to confirm. I've added the full path to the .net framework as the script didn't work for me without it, you might just need caspol.exe. But adding the full path gives you the ability to set it for different frameworks (.Net 1.1 applications don't use the .net 2.0 security I believe etc) Now I've dumped that in a startup script for my users, and all is good!

No comments: