Subtext 安装在中等信任级别中出现错误
我正在尝试在中等信任级别环境(主机:Crystaltech)并收到以下错误(见下文)。 我能够进行管理设置,但是当它尝试转到博客进行实际使用时,繁荣。
我知道我可以将环境“升级”到完全信任级别,但在执行此操作之前,我想了解为什么会发生错误以及迁移到完全信任的后果。
扩展这个问题; 什么是“信任级别”?
安全异常
描述: 应用程序试图执行 安全不允许的操作 政策。 授予此申请 需要许可请联系 您的系统管理员或更改 应用程序的信任级别 配置文件。
异常详细信息: 系统.安全.安全异常: 请求类型许可 '系统.安全.权限.安全权限, mscorlib,版本=2.0.0.0, 文化=中立, 公钥令牌=b77a5c561934e089' 失败。
来源错误:
生成了未处理的异常 当前执行期间 网络请求。 有关信息 异常的起源和地点 可以使用异常来识别 下面的堆栈跟踪。
堆栈跟踪:
[安全异常:请求 类型许可 '系统.安全.权限.安全权限, mscorlib,版本=2.0.0.0, 文化=中立, 公钥令牌=b77a5c561934e089' 失败。]
System.Web.Security.UrlAuthorizationModule.CheckUrlAccessForPrincipal(字符串 virtualPath、IPrincipal 用户、字符串 动词)+47
Subtext.Framework.UrlManager.UrlReWriteHandlerFactory.GetHandlerForUrl(字符串 网址)+66
Subtext.Framework.UrlManager.UrlReWriteHandlerFactory.ProcessHandlerTypePage(HttpHandler 项目,HttpContext 上下文)+143
Subtext.Framework.UrlManager.UrlReWriteHandlerFactory.GetHandler(HttpContext 上下文,字符串请求类型,字符串 url,字符串路径)+340
System.Web.HttpApplication.MapHttpHandler(HttpContext 上下文,字符串请求类型, VirtualPath 路径,字符串 路径翻译,布尔值 useAppConfig) +175 System.Web.MapHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +128 System.Web.HttpApplication.ExecuteStep(IExecutionStep) 步骤,布尔值& 同步完成) +161
I am trying to install Subtext in a medium trust level environment (host: Crystaltech) and am getting the following error (see below). I was able to do the administration setup but when it tries to go to the blog for actual use, boom.
I know I could "upgrade" the environment to a full trust level but I want to understand why the error is happening and the ramifications of that moving to fUll trust before I do it.
To expand upon this question; what are the "Trust Levels"?
Security Exception
Description: The
application attempted to perform an
operation not allowed by the security
policy. To grant this application the
required permission please contact
your system administrator or change
the application's trust level in the
configuration file.Exception Details:
System.Security.SecurityException:
Request for the permission of type
'System.Security.Permissions.SecurityPermission,
mscorlib, Version=2.0.0.0,
Culture=neutral,
PublicKeyToken=b77a5c561934e089'
failed.Source Error:
An unhandled exception was generated
during the execution of the current
web request. Information regarding the
origin and location of the exception
can be identified using the exception
stack trace below.Stack Trace:
[SecurityException: Request for the
permission of type
'System.Security.Permissions.SecurityPermission,
mscorlib, Version=2.0.0.0,
Culture=neutral,
PublicKeyToken=b77a5c561934e089'
failed.]
System.Web.Security.UrlAuthorizationModule.CheckUrlAccessForPrincipal(String
virtualPath, IPrincipal user, String
verb) +47
Subtext.Framework.UrlManager.UrlReWriteHandlerFactory.GetHandlerForUrl(String
url) +66
Subtext.Framework.UrlManager.UrlReWriteHandlerFactory.ProcessHandlerTypePage(HttpHandler
item, HttpContext context) +143
Subtext.Framework.UrlManager.UrlReWriteHandlerFactory.GetHandler(HttpContext
context, String requestType, String
url, String path) +340
System.Web.HttpApplication.MapHttpHandler(HttpContext
context, String requestType,
VirtualPath path, String
pathTranslated, Boolean useAppConfig)
+175 System.Web.MapHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
+128 System.Web.HttpApplication.ExecuteStep(IExecutionStep
step, Boolean& completedSynchronously)
+161
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
我认为除了转向完全信任或删除对 CheckUrlAccessForPrincipal() 的调用并重新编译之外,没有其他方法可以解决该错误。
但从表面上看,这个特定问题已经在潜台词 SVN(修订版 3290)中得到纠正。 他们还为 subtext 2.0.1 添加了一个新的构建任务,其中应该包含修复程序。 我想准备好后就会发布。
I don't think there is another way to get around the error other than moving to full trust or removing the call to CheckUrlAccessForPrincipal() and recompiling.
But by the looks of things, this particular issue has already been corrected in the subtext SVN (revision 3290). They have also added a new build task for subtext 2.0.1 which should include the fix. I guess that will be released when it's ready.
信任级别实际上只是指向某些 security.config 文件的指针。 默认信任级别在 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\web.config 中定义,“中”信任指向 web_mediumtrust.config。
至于例外情况,使用反射器查看 System.Web.Security.UrlAuthorizationModule.CheckUrlAccessForPrincipal() 会发现该方法具有 [SecurityPermission(SecurityAction.Demand, Unrestricted=true)] 属性,这意味着它需要不受限制的安全权限,它没有在中等信任度下运行。
Trust levels are really just pointers to some security.config files. The dafault trust levels are defined in C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\web.config, "Medium" trust pointing to web_mediumtrust.config.
As for the exception, taking a look at System.Web.Security.UrlAuthorizationModule.CheckUrlAccessForPrincipal() with reflector reveals that the method is attributed with [SecurityPermission(SecurityAction.Demand, Unrestricted=true)], meaning that it requires an unrestricted security permission, which it does not have running under medium trust.
更多内容请从 csgero 添加到工厂:
http://www.kowitz。 net/archive/2008/08/15/upgrading-to-subtext-2.0-fail.aspx
Phil Haack 有一条小评论,我猜他现在正忙于其他事情:)
More grist to add to the mill from csgero:
http://www.kowitz.net/archive/2008/08/15/upgrading-to-subtext-2.0-fail.aspx
There's a wee comment from Phil Haack, I guess he's busy with other stuff right now :)