当前位置: 文江博客话题详情

在 VSTO Word 插件中调试 TrustNotGrantedException

发布于 2024-12-02 01:30:35 字数 1942 浏览 0 评论 0原文

我收到针对 VSTO 单词插件的某些特定用户抛出的 TrustNotGrantedException 异常。

这些用户已正确安装证书。

当应用程序检查更新时抛出异常:

try
{
    ApplicationDeployment.CurrentDeployment.CheckForUpdate()
}
catch(TrustNotGrantedException ex)
{
    Log(ex);
}

堆栈跟踪记录如下:

User has refused to grant required permissions to the application.

   at System.Deployment.Application.ApplicationTrust.RequestTrust(SubscriptionState subState, Boolean isShellVisible, Boolean isUpdate, ActivationContext actCtx, TrustManagerContext tmc)    at System.Deployment.Application.DeploymentManager.DetermineTrustCore(Boolean blocking, TrustParams tp)    at System.Deployment.Application.DeploymentManager.DetermineTrust(TrustParams trustParams)    at System.Deployment.Application.ApplicationDeployment.CheckForDetailedUpdate(Boolean persistUpdateCheckResult)    at System.Deployment.Application.ApplicationDeployment.CheckForUpdate()    at iReport.iReportAddIn.CheckForUpdates()

是否有人经历过这种情况或知道如何在代码中或使用任何解决方法来防止这种情况?

编辑:

我已阅读此关于这些问题的博客文章,看起来这可能是问题用户的 CAS 权限问题。

我将尝试让有问题的用户使用此方法访问更新 URL,并稍后进行跟进,尽管我更希望能够在代码中阻止这种情况,而不是修复单个客户端计算机。类似于:

caspol -m -ag 1 -url "http://machinename/application/*" FullTrust -exclusive on

Edit2:

使用 caspol.exe 有效!有谁知道如何防止代码中发生这种情况? 或者谁能​​解释为什么它只会发生在选定的用户身上?

Edit3:

我将尝试添加

<system.web>
  <!-- level="[Full|High|Medium|Low|Minimal]" -->
  <trust level="Full" originUrl=""/>
</system.web>

到 app.config

Edit4:

将完整的 CAS 信任添加到 app.config 没有帮助。谁能告诉我是否有可能实现 CASPOL 在代码中所做的事情?

Edit5:

如果无法在代码中执行此操作,是否有一种简单的方法可以在 clickonce 安装过程中运行 CASPOL 命令?

原文

I'm getting TrustNotGrantedException thrown for some specific users of our VSTO word addin.

These users have the certificate installed correctly.

The exception is being thrown when the app checks for updates:

try
{
    ApplicationDeployment.CurrentDeployment.CheckForUpdate()
}
catch(TrustNotGrantedException ex)
{
    Log(ex);
}

The stack trace is logged as follows:

User has refused to grant required permissions to the application.

   at System.Deployment.Application.ApplicationTrust.RequestTrust(SubscriptionState subState, Boolean isShellVisible, Boolean isUpdate, ActivationContext actCtx, TrustManagerContext tmc)    at System.Deployment.Application.DeploymentManager.DetermineTrustCore(Boolean blocking, TrustParams tp)    at System.Deployment.Application.DeploymentManager.DetermineTrust(TrustParams trustParams)    at System.Deployment.Application.ApplicationDeployment.CheckForDetailedUpdate(Boolean persistUpdateCheckResult)    at System.Deployment.Application.ApplicationDeployment.CheckForUpdate()    at iReport.iReportAddIn.CheckForUpdates()

Has anyone experienced this or knows how to prevent this in the code or with any workarounds?

Edit:

I have read through this blog post on the issues and it seems like it could be an issue with CAS Permissions for the problem users.

I'll try and give a problem user access to the update URL using this and will follow up in a bit, although I would much prefer to be able to prevent this in the code instead of fixing individual client machines. Something like:

caspol -m -ag 1 -url "http://machinename/application/*" FullTrust -exclusive on

Edit2:

Using caspol.exe worked! Does anyone know a way to prevent this from happening in the code?
Or can anyone explain why it could only be happening to select users?

Edit3:

I'm going to try add

<system.web>
  <!-- level="[Full|High|Medium|Low|Minimal]" -->
  <trust level="Full" originUrl=""/>
</system.web>

to the app.config

Edit4:

Adding full CAS trust to the app.config didn't help. Can anyone show me if its possible to achieve what CASPOL is doing in code?

Edit5:

If it isn't possible to do this in code, is there a easy way to run the CASPOL command as part of the clickonce install?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

年华零落成诗 2024-12-09 01:30:35

在最新版本的 Windows 中,下载的文件被标记为被阻止,并对其施加安全限制,当其他应用程序使用沙盒时,可能会导致损坏。

该实现使用NTFS 备用流。如果文件被阻止,您可以通过右键单击该文件、查看属性并查看取消阻止按钮来判断。单击取消阻止将删除并释放额外的安全限制。

也可以使用 sysinternals 删除它 streams.exe< /代码>。通过在 Windows 7 计算机上下载插件来测试这是否是您的问题,然后在不解锁的情况下进行安装,看看是否会重现该问题。

In recent versions of Windows, downloaded files are flagged as blocked and have security restrictions imposed on them that can cause breakage when consumed by other apps due to the sandboxing.

The implementation uses NTFS alternate streams. If the file is blocked you can tell by right clicking on the file, viewing properties and seeing the unblock button. Clicking unblock removes the stream and releases the extra security restrictions.

It can also be removed using sysinternals streams.exe. Test whether this is your issue by downloading your plugin on a Windows 7 machine, and then install without unblocking to see if it reproduces the issue.

回复 原文
~没有更多了~

关于作者

流心雨

暂无简介

0 文章
0 评论
302 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

醉城メ夜风

文章 0 评论 0

远昼

文章 0 评论 0

平生欢

文章 0 评论 0

微凉

文章 0 评论 0

Honwey

文章 0 评论 0

qq_ikhFfg

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文