I'm running rs2005 sp2, and the dll was made with .net 1.1. Before, there were no issues with this version crossing of .net 1.1 and 2.0.
In the RS IDE, the webservice call works fine. I've read that this execution is done with full trust - so I've tried to tackle the CAS issue.
When I try to call the webservice from the dll, I catch the exception, and it's:
Request for the permission of type 'System.Net.WebPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
Now what confuses me is, why is the version of WebPermission 2.0 when the dll is 1.1? Maybe there is translation done and the dll is really run w/ the 2.0 framework?
Anyways, this I've done are:
* Added this right before my webservice call. Is something missing?
// We need to ensure that this library is permitted to access the webservice url
// http://support.microsoft.com/default.aspx?scid=kb;en-us;842419
System.Text.RegularExpressions.Regex urlRegEx = new System.Text.RegularExpressions.Regex(@."http://server/.*");
System.Net.WebPermission p = new System.Net.WebPermission(NetworkAccess.Connect, urlRegEx);
p.Assert();
* Gave the 'All_Code' group permission of full trust in both .net 1.1 and 2.0 configurations to see if it helped - it did not, and I checked the report after I did an iisreset. This should have done it!!
* I also tried changing: rsmgrpolicy.config and rssrvpolicy.config
and updated these lines to have version 2.0.0.0:
<SecurityClass Name="SecurityPermission" Description="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
<SecurityClass Name="WebPermission" Description="System.Net.WebPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
iisreset was done, and the code executed was still complaining about the permission request failing for WebPermission.
* These blocks were added to rsmgrpolicy.config and rssrvpolicy.config, in respective sections:
<CodeGroup class="UnionCodeGroup"
version="1"
PermissionSetName="CompanyPermissionSet"
Name="CompanyRS"
Description="">
<IMembershipCondition class="UrlMembershipCondition"
version="1"
Url="file://C:/Program Files/Microsoft SQL Server/MSSQL.3/Reporting Services/ReportServer/bin/Company.RS.dll"/>
</CodeGroup>
<PermissionSet class="NamedPermissionSet"
version="1"
Name="CompanyPermissionSet">
<IPermission class="SecurityPermission"
version="1"
Flags="Assertion, Execution"/>
<IPermission class="WebPermission"
version="1">
<ConnectAccess>
<URI uri="http://server/"/>
<URI uri="http://\*\.Company\.com"/>
</ConnectAccess>
<AcceptAccess>
<URI uri="http://server/"/>
<URI uri="http://\*\.Company\.com"/>
</AcceptAccess>
</IPermission>
</PermissionSet>
The only way I got a webservice call to work was with these settings:
rssrvpolicy.config:
<PermissionSet
class="NamedPermissionSet"
version="1"
Name="RISPermissions">
<IPermission class="SecurityPermission"
version="1"
Flags="Assertion, Execution"/>
<IPermission class="WebPermission"
version="1"
Unrestricted="true"/>
</PermissionSet>
and
<CodeGroup class="UnionCodeGroup"
version="1"
PermissionSetName="RISPermissions"
Name="RISCode"
Description="RIS codes makes a webservice call to translate employee names">
<IMembershipCondition class="StrongNameMembershipCondition"
version="1"
PublicKeyBlob="002400000480000094..."
/>
</CodeGroup>
And in the assembly (VB.net) code:
<Assembly: AllowPartiallyTrustedCallers()>
and right before the actual webservice call:
p = New System.Net.WebPermission(Permissions.PermissionState.Unrestricted)
p.Assert()
Took me just over half a day to get it right..
Perhaps the code could be a bit more secure by specifying a RegEx for the WebPermission, but I'll settle for this.
-Ruizzie
No comments:
Post a Comment