+1-888-365-2779
Try Now
More in this section

Forums / 3.x Pre-release forums (retired) / 1and1com web hosting .Net issues

1and1com web hosting .Net issues

4 posts, 0 answered
  1. bnye
    bnye avatar
    332 posts
    Registered:
    22 Sep 2005
    04 Apr 2007
    Link to this post

    Hi Sitefinity Folks-

    A client of ours would like to move into Sitefinity (currently on linux). The host is 1and1.com. The client received this statement regarding switching to a .Net site. I was hoping to get your thoughts on each of the relevant portions of the statement and how it relates to Sitefinity, Nolics database access, RAD Controls, and .Net 2.0 in general.

    -----------------------------statement start----------------------------------

    Restrictions in hosting ASP.NET applications

    As a leading web host, we need to make sure that the resources on our systems are distributed fairly and that no single application has a negative effect on the other applications or on the whole system. It is therefore essential that we define a so-called trust level for the use of ASP.NET applications that restricts certain features of the .NET framework.

    For instance, no ASP.NET application may access the registry or carry out file accesses outside a particular user directory. Nor may the execution of so- called "unmanaged code" (i.e. code that is not administrated by the .NET framework and which, for instance, carries out its own storage administration) be permitted.

    You will not be able to access an Microsoft Access database via ODBC or OLEDB because these procedures still contain the "unmanaged code" as mentioned before.

    You will therefore have to use Microsoft's SQL server and the corresponding classifications in the .NET framework (System.Data.SqlClient) if you want to run ASP.NET applications with a database.

    The other restrictions set by the trust level are of little relevance to the majority of ASP.NET applications. They include the non-availability of so-called IsolatedStorage and the barring of the system's environment variables.

    For safety

    and performance reasons, ASP.NET applications cannot be traced or debugged by the server. Any non-present or non-accessible backend services such as MessageQueues, DirectoryServices, Printing or PerformanceCounter cannot be addressed via an ASP.NET application.

    Some other restrictions are:

    1. Access to the .NET Framework isolated storage 2. Use of system printers 3. Control of security relavant infrastructure like ControlAppDomain, ControlEvidence, RemotingConfiguration, UnmanagedCode and others 4. Access to the registry 5. Access to confidential environment variables 6. Create or open network sockets 7. Access to the system event log 8. Access to system performance counters 9. Use of the .NET Framework Data Provider for OleDb and ODBC
    ---------------------------------statement end------------------------------

  2. Bob
    Bob avatar
    330 posts
    Registered:
    24 Sep 2012
    05 Apr 2007
    Link to this post
    Hi Ben,

    Sitefinity 3.0 with proper configuration can comply with all described restrictions. Unfortunately, for other reasons RC1 will not work in restricted trust because it uses custom type descriptors and other reflection operations that are usually forbidden in such environments. We are currently working on resolving these issues and certain configurations of RC2 will work in medium trust. Some features will not be available for such environments though. For now we know dynamic metadata for content will not work and Sitefinity should be configured to use StaticContentProvider (not available in RC1).

    Greetings,
    Bob
    the telerik team

    Instantly find answers to your questions at the new telerik Support Center
  3. bnye
    bnye avatar
    332 posts
    Registered:
    22 Sep 2005
    05 Apr 2007
    Link to this post
    Thank you for the update.

    Some hosts use custom trusts. What are the bare minimum security allowances to guarantee that Sitefinity v3 RC1 work in custom trust environment.

    Is the only way to guarantee 100% functionality right now to set up the server wide web.config to allow a Sitefinity v3 RC1 website to override the server restrictions and use FULL Trust mode.

    Sincerely,

    Ben
  4. Bob
    Bob avatar
    330 posts
    Registered:
    24 Sep 2012
    06 Apr 2007
    Link to this post
    Hi Ben,

    Unfortunately, RC1 requires full trust. Once we are done with RC2, we will publish a list of minimal permissions required for each module / component.

    Greetings,
    Bob
    the telerik team

    Instantly find answers to your questions at the new telerik Support Center
Register for webinar
4 posts, 0 answered