how to write a text file in a web server

TheMSsForum.com: The Microsoft Software Forum

I have a no touch deployment application. I'm trying to write a file to a web
server by using webclient class' UploadFile method but I get an security
exception. What should I do to overcome this exception?
Top

RE: how to write a text file in a web server by v-kevy

v-kevy
Fri Jul 15 21:41:16 CDT 2005

Hi,

We have reviewed this issue and are currently researching on it. We will
update you ASAP. Thanks for your patience!

Kevin Yu
=======
"This posting is provided "AS IS" with no warranties, and confers no
rights."

Top

RE: how to write a text file in a web server by v-jetan

v-jetan
Sun Jul 17 21:11:15 CDT 2005

Hi mach2,

Thanks for your post.

Yes, normally, no touch deployed application will have a restricted
permission right at client side. So when we use WebClient.UploadFile
method, a SecurityException may arise.

For this issue, we may setup the client .Net code access security setting
to grant certain permission to our smart client application. This requires
2 steps:
1. Open .Net configuration tool 1.1, create a least required permission
set(for WebClient.UploadFile, I think we should assign "Web Access" or
"File IO" permissions), you can also assign Full Trust as a test purpose.
2. create a code group for our application.(we can use certain feature of
our application as the code group condition, for example Application site
URL, strong name etc..). At last, we can assign the #1 step created
permission set to this code group.

Then our application will fail into this code group and have the permission
set we specified. And the original exception will go away.

You can get more information about .Net Code Access Security in the article
below:
"Understanding .NET Code Access Security"
http://www.codeproject.com/dotnet/UB_CAS_NET.asp

Hope this helps
=======================================
Thank you for your patience and cooperation. If you have any questions or
concerns, please feel free to post it in the group. I am standing by to be
of assistance.

Best regards,
Jeffrey Tan
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.

Top

RE: how to write a text file in a web server by mach2

mach2
Mon Jul 18 09:46:09 CDT 2005

Thank you for your post. Well my situation is a bit more complex. I already
have storngname and a full trust on this strong name. The application (smart
client) compiles a code dynamically (Basically a vb class in a text file.
This is a functionality that we provide to our clients so that they could
write reports and make them part of our product) and the compiled code may
access either local files or files on the web server.
I thought of two solutions to these and I think I need your inputs on these
solutions.
1) Generate a key for the clients and when we compile their code use this
key to compile and run. Of course we have to make modifications to client's
security policies. Is this a feasible thing to do? If yes, what would be the
ways to get the key file down to client machines?
2) I tried to call a web service method to read and write files from/to the
web server. On write, I'm getting security exception. Can I enhance security
policy in the web server to give more permission to web service process to
write files in the web server's local file system?



""Jeffrey Tan[MSFT]"" wrote:

> Hi mach2,
>
> Thanks for your post.
>
> Yes, normally, no touch deployed application will have a restricted
> permission right at client side. So when we use WebClient.UploadFile
> method, a SecurityException may arise.
>
> For this issue, we may setup the client .Net code access security setting
> to grant certain permission to our smart client application. This requires
> 2 steps:
> 1. Open .Net configuration tool 1.1, create a least required permission
> set(for WebClient.UploadFile, I think we should assign "Web Access" or
> "File IO" permissions), you can also assign Full Trust as a test purpose.
> 2. create a code group for our application.(we can use certain feature of
> our application as the code group condition, for example Application site
> URL, strong name etc..). At last, we can assign the #1 step created
> permission set to this code group.
>
> Then our application will fail into this code group and have the permission
> set we specified. And the original exception will go away.
>
> You can get more information about .Net Code Access Security in the article
> below:
> "Understanding .NET Code Access Security"
> http://www.codeproject.com/dotnet/UB_CAS_NET.asp
>
> Hope this helps
> =======================================
> Thank you for your patience and cooperation. If you have any questions or
> concerns, please feel free to post it in the group. I am standing by to be
> of assistance.
>
> Best regards,
> Jeffrey Tan
> Microsoft Online Partner Support
> Get Secure! - www.microsoft.com/security
> This posting is provided "as is" with no warranties and confers no rights.
>
>
Top

RE: how to write a text file in a web server by v-jetan

v-jetan
Tue Jul 19 03:59:18 CDT 2005

Hi mach2,

Thanks for your feedback.

Currently, I am not sure the key point of your problem. Yes, I see that
your application dynamically generates code classes, but what is the
problem? Hope you can clarify your problem for us. Thanks

For #1, I am not sure why you want to use a key file to compile your code.
How does this resolve your problem?

Based on your statement, it seems that the key point is that you want know
how to dynamically adjust the client side Code Access Security.

Actually, .Net Code Access Security can be controlled by caspol.exe, which
we can pass different command line parameters to it to do the
configuration. So once your application has full trust permission at
client, we can use Process.Start method to invoke that tool. Then we can
invoke capsol.exe programmatically to control any .Net application's CAS
setting. You can get some further information from another post of mine:
http://groups.google.com/groups?hl=zh-CN&lr=&threadm=Lh0AROzOFHA.5096%40TK2M
SFTNGXA01.phx.gbl&rnum=1&prev=/groups%3Fq%3D%2522Code%2BAccess%2BSecurity%25
22%2B%2522jeffrey%2Btan%2522%2Bactivex%26hl%3Dzh-CN%26lr%3D%26selm%3DLh0AROz
OFHA.5096%2540TK2MSFTNGXA01.phx.gbl%26rnum%3D1
=====================================================================
Thank you for your patience and cooperation. If you have any questions or
concerns, please feel free to post it in the group. I am standing by to be
of assistance.

Best regards,
Jeffrey Tan
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.

Top