网站在开发模式下工作;部署在 IIS 上时会导致安全异常

发布于 2024-09-09 22:42:32 字数 2213 浏览 4 评论 0 原文

我的 ASP.NET 网站在开发/调试模式下工作正常,但当我发布它时,出现以下错误:

安全异常

描述:应用程序尝试执行安全策略不允许的操作。要授予此应用程序所需的权限,请联系您的系统管理员或在配置文件中更改应用程序的信任级别。

异常详细信息: System.Security.SecurityException:请求“System.Web.AspNetHostingPermission、System、Version=2.0.0.0、Culture=neutral、PublicKeyToken=b77a5c561934e089”类型的权限失败。

我已经用谷歌搜索了这个错误,并且出现了很多,并且所有答案都说了同样的事情:放入

<trust level="Full" originUrl=""/>

web.config 文件中。

是啊,是啊。事实是,我已经检查了这一行是否在我能找到的每个 web.config 文件中 - 应用程序本身,加上框架\版本\配置\web.config 文件,32 位和 64 位(我正在运行Windows 7)。

某处一定还有另一个秘密开关——但是什么呢?

编辑

应评论者的要求,让我澄清一下:导致崩溃的页面具有来自 AJAX 控制工具包。如果我注释掉 ToolkitScriptManager 和 CalendarExtender 控件,即使在 IIS 下,该页面也可以正常工作。

错误堆栈跟踪(如果有帮助的话):

[SecurityException: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.]
System.Reflection.Assembly._GetType(String name, Boolean throwOnError, Boolean ignoreCase) +0
System.Web.UI.NamespaceTagNameToTypeMapper.GetControlType(String tagName, IDictionary attribs, Boolean throwOnError) +209
System.Web.UI.TagPrefixTagNameToTypeMapper.System.Web.UI.ITagNameToTypeMapper.GetControlType(String tagName, IDictionary attribs) +210
System.Web.UI.MainTagNameToTypeMapper.GetControlType2(String tagName, IDictionary attribs, Boolean fAllowHtmlTags) +242
System.Web.UI.MainTagNameToTypeMapper.GetControlType(String tagName, IDictionary attribs, Boolean fAllowHtmlTags) +17
System.Web.UI.RootBuilder.GetChildControlType(String tagName, IDictionary attribs) +22
System.Web.UI.ControlBuilder.CreateChildBuilder(String filter, String tagName, IDictionary attribs, TemplateParser parser, ControlBuilder parentBuilder, String id, Int32 line, VirtualPath virtualPath, Type& childType, Boolean defaultProperty) +119
System.Web.UI.TemplateParser.ProcessBeginTag(Match match, String inputText) +605
System.Web.UI.TemplateParser.ParseStringInternal(String text, Encoding fileEncoding) +1334

My ASP.NET web site works fine in development/debug mode, but when I publish it, I'm getting the following error:

Security Exception

Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

I've googled for this error, and it comes up plenty, and ll the answers say the same thing: put

<trust level="Full" originUrl=""/>

in the web.config file.

Ya, ya, ya. Thing is, I've checked that this line is in every web.config file I could find - the app itself, plus the framework\version\config\web.config files, both 32- and 64-bit (I'm running Windows 7).

There must be another secret switch somewhere - but what?

EDIT

At the request of a commenter, let me clarify: the page that causes the crash has a control from the AJAX Control Toolkit. If I comment out the ToolkitScriptManager and CalendarExtender controls, the page works fine, even under IIS.

Error stack trace (in case it helps):

[SecurityException: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.]
System.Reflection.Assembly._GetType(String name, Boolean throwOnError, Boolean ignoreCase) +0
System.Web.UI.NamespaceTagNameToTypeMapper.GetControlType(String tagName, IDictionary attribs, Boolean throwOnError) +209
System.Web.UI.TagPrefixTagNameToTypeMapper.System.Web.UI.ITagNameToTypeMapper.GetControlType(String tagName, IDictionary attribs) +210
System.Web.UI.MainTagNameToTypeMapper.GetControlType2(String tagName, IDictionary attribs, Boolean fAllowHtmlTags) +242
System.Web.UI.MainTagNameToTypeMapper.GetControlType(String tagName, IDictionary attribs, Boolean fAllowHtmlTags) +17
System.Web.UI.RootBuilder.GetChildControlType(String tagName, IDictionary attribs) +22
System.Web.UI.ControlBuilder.CreateChildBuilder(String filter, String tagName, IDictionary attribs, TemplateParser parser, ControlBuilder parentBuilder, String id, Int32 line, VirtualPath virtualPath, Type& childType, Boolean defaultProperty) +119
System.Web.UI.TemplateParser.ProcessBeginTag(Match match, String inputText) +605
System.Web.UI.TemplateParser.ParseStringInternal(String text, Encoding fileEncoding) +1334

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

如痴如狂 2024-09-16 22:42:32

我从一个带有遗留代码的黑暗地方来到这里,当我单击答案链接时,我得到了 404。

感觉有点像: https://imgs.xkcd.com/comics/wisdom_of_the_ancients.png

无论如何,回到机器来救援:

https://web.archive.org/web /20100329104446/http://dbvt.com/blog/post/AspNetHostingPermission-Security-Exception-Fix-with-Ajax-in-IIS7.aspx

I came here from a dark place with legacy code and when I clicked the answer link i got a 404.

Felt a bit like: https://imgs.xkcd.com/comics/wisdom_of_the_ancients.png

Anyways, Way back machine to the rescue:

https://web.archive.org/web/20100329104446/http://dbvt.com/blog/post/AspNetHostingPermission-Security-Exception-Fix-with-Ajax-in-IIS7.aspx

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文