+1-888-365-2779
Try Now
More in this section

Forums / Bugs & Issues / trust level="Medium"

trust level="Medium"

24 posts, 0 answered
  1. dmajkic
    dmajkic avatar
    9 posts
    Registered:
    30 Mar 2007
    08 Jun 2007
    Link to this post
    Localhost site works fine,  but if I add <trust level="Medium" originUrl="" /> to the Web.config, then "Security exception" is raised. 

    Does this mean that Sitefinity  will not work on providers with Medium trust?

  2. Rebecca
    Rebecca avatar
    536 posts
    Registered:
    24 Sep 2012
    08 Jun 2007
    Link to this post
    Hi dmajkic,

    Sitefinity 3.0 can work in shared hosting environment, but before setting the trust level to "Medium", you need to modify the application web.config file as described on page 131 (Medium Trust Support) of the User Manual.

    Do let us know if you need any further assistance or if any problems arise.

    Best wishes,
    Rebecca
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
  3. dmajkic
    dmajkic avatar
    9 posts
    Registered:
    30 Mar 2007
    08 Jun 2007
    Link to this post
    I did this with web.config (on localhost, XP SP2, community edition):

      1. Added <trust level="Medium" originUrl="" />
      2. Changed to  <healthMonitoring enabled="false"

      Workflow was allready disabled, and SitefinityXML commented out.

      This is the local server response :
    [SecurityException: That assembly does not allow partially trusted callers.]
    System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck) +0
    System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache) +103
    System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) +261
    System.Activator.CreateInstance(Type type, Boolean nonPublic) +66
    Telerik.Cms.Web.CmsHttpModule.RegisterUrlRewriterService(Type svc) +53
    Telerik.Cms.Web.UrlHelper.FillTableRecursive(IPage parent, String parentPath, CmsUrlContext parentUrlContext) +494
    Telerik.Cms.Web.UrlHelper.FillTable(CmsManager man) +115
    Telerik.Cms.Web.UrlHelper..cctor() +680

  4. Rebecca
    Rebecca avatar
    536 posts
    Registered:
    24 Sep 2012
    11 Jun 2007
    Link to this post
    Hello dmajkic,

    It seems that we have omitted to add the AllowPartiallyTrustedCallers attribute in several assemblies in the current community edition of Sitefinity. We will fix this for the Service pack.

    Thank you very much for reporting this issue and sorry for the inconvenience caused.
    Your Telerik account has been updated. 

    Best wishes,
    Rebecca
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
  5. Darchele
    Darchele avatar
    24 posts
    Registered:
    08 Sep 2006
    17 Sep 2007
    Link to this post
    Has this issue been resolved??  We are testing in a hosted environment and can't even edit Generic Content because of the error.

    Please advise.
  6. Rebecca
    Rebecca avatar
    536 posts
    Registered:
    24 Sep 2012
    18 Sep 2007
    Link to this post
    Hi Darchele,

    if you are still experiencing the same problem, can you please check the exact version of the Telerik.Cms.dll assembly located in your project bin folder?
    Please, also check the version number of the same assembly in the EmptyProject bin folder which will show the version of your Sitefinity installation. 
    Do let us know about the results so that we could help you further.


    Best wishes,
    Rebecca
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
  7. Darchele
    Darchele avatar
    24 posts
    Registered:
    08 Sep 2006
    18 Sep 2007
    Link to this post
    We just downloaded the trial version and have started testing with our host, which is in a Medium trust environment. 

    We get the error "That assembly does not allow partially trusted callers", when trying to edit pages in the cms.

    The Telerik.cms.dll file versions for the project assembly & empty project are oth the same -- > 3.0.1323.2.

    Has this issue been resolved?

    Please advise.
  8. Rebecca
    Rebecca avatar
    536 posts
    Registered:
    24 Sep 2012
    18 Sep 2007
    Link to this post
    Hi Darchele,

    We could not reproduce any errors with Sitefinity Standard edition and it seems all our assemblies are marked with the AllowPartiallyTrustedCallers attribute.
    Is it possible to send us the whole stack trace of the error? Also, have you created any custom modules?

    Kind regards,
    Rebecca
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
  9. Darchele
    Darchele avatar
    24 posts
    Registered:
    08 Sep 2006
    18 Sep 2007
    Link to this post
    No custom modules have been created, although we hope to if we purchase the product. 

    I'm not sure how to provide you the stack trace because it's not being displayed and I'm not sure where in the code to do any error trapping to display it.

    However, I have it up on our host testing so that you can see it.
    http://www.foundryhost.net/FoundrySitefinity
    Go to the site then click the Administer link above the menu.

    The login is admin, testing.  Try to edit any page and you should see the error.

    Please advise.

    Thanks,

    Darchele
  10. Vlad
    Vlad avatar
    498 posts
    Registered:
    15 Jul 2016
    20 Sep 2007
    Link to this post
    Hi Darchele,

    We asked you about your custom modules, assuming that maybe some of them does not have AllowPartiallyTrustedCallers attribute.

    We saw the error in the Page Editor: "That assembly does not allow partially trusted callers". Unfortunately we don't have any explanation why this error appears.
    Therefore we tried to create a generic content item and noticed that Telerik.Versioning module does not have its database objects - seems it is not upgraded.
    As you may know, the automatic upgrade works only in Full trust environment, so could you try to enforce database upgrade for Telerik.Versioning in your local site and then upload the upgraded database to the production server. You could do this by creating at least one Generic Content item.

    We believe that doing the above will fix the error: "That assembly does not allow partially trusted callers". Please let us know how it goes.

    Sorry for the inconvenience and thank you for pointing this problem out. We will do all necessary changes in our code to avoid this issue in the future.

    Your Telerik account has been updated.

    Regards,
    Vlad
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
  11. Darchele
    Darchele avatar
    24 posts
    Registered:
    08 Sep 2006
    20 Sep 2007
    Link to this post

    You mentioned something about an upgrade... but this was a clean install of version 3.0.  Just wanted to clarify.

    On my local copy, I created a generic content item and pushed the database upto the host I also repushed up all of the code to be sure there wasn't a problem with the copied files, but the problem persists.

    What next??

  12. Vlad
    Vlad avatar
    498 posts
    Registered:
    15 Jul 2016
    21 Sep 2007
    Link to this post
    Hello Darchele,

    When I said upgrade, I meant creating the module database objects on first initialization of the module.
    All Sitefinity modules are based on providers model, so each module initializes it's providers when you first access it. On initializing the module provider, it checks whether the database contains its database objects. If not, it tries to create them. The last action is not allowed in medium trust. So, you should insure that all modules are initialized in the database on local host before uploading it into the production server.

    Yesterday, when we tested on http://www.foundryhost.net/FoundrySitefinity, we noticed that no generic item is created and throws an exception saying that sf_VersionItem table is missing. We supposed that this is causing the problem with the error in the designer: "That assembly does not allow partially trusted callers". Seems we were wrong, because now, on  http://www.foundryhost.net/FoundrySitefinity, we see that Telerik.Versioning is upgraded but the error still persists.

    Since we cannot reproduce this error, we are asking you to make the following test on your local site:
    Set in the web.config:

    <system.web>
     <trust level="Medium" />

    ... and if you are reproducing the error in your local site, could you please send us you project to investigate it locally.
    Otherwise would you ask your shared hosting provider to send you the configuration file for trust level:

    <trustLevel name="Medium" policyFile="web_mediumtrust.config" />

    .. and then resend us the file.


    Sincerely yours,
    Vlad
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
  13. Darchele
    Darchele avatar
    24 posts
    Registered:
    08 Sep 2006
    21 Sep 2007
    Link to this post
    Below is the response we got back from our host provider....please review and let us know what it is you need out of the file.  Thanks

    Sent: Friday, September 21, 2007 10:40 AM
    To: Webb, Darchele
    Subject: [364-0E8618A9-57B0] Medium Trust Issues

    Hello,

    In reference to your ticket, I do apologize but it seems as though our Server Operations department will not allow us to give out our configuration files on our servers. I have placed the permission set in the file below. If this does not assist you, can you please state what exactly in the file you are looking for, and I can do a search for the entry in the file.

    Please let me know if you have any further questions.

    Thank You

    <PermissionSet
    class="NamedPermissionSet"
    version="1"
    Name="ASP.Net">
    <IPermission
    class="AspNetHostingPermission"
    version="1"
    Level="Medium"

  14. Vlad
    Vlad avatar
    498 posts
    Registered:
    15 Jul 2016
    24 Sep 2007
    Link to this post
    Hello Darchele,

    Thank you for the information.
    Unfortunately, we have no idea how to reproduce this problem locally. We did testing with the standard ASP.NET 2.0 web configuration for medium trust level and everything worked fine. 

    Could you also remove the following assemblies from the Bin folder of your hosted site:
        
        DictionaryConfiguration.NET2.dll
        EnvDTE.dll
        MySql.Data.dll
        NNMySQLProvider.dll
        nunit.framework.dll
        PietschSoft.VE3.dll

    ... and check that there are no other assemblies in the bin folder which do not have AllowPartiallyTrustedCallers attribute.

    If the above does not help, could you please send us your project so that we could investigate it locally.

    All the best,
    Vlad
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
  15. Darchele
    Darchele avatar
    24 posts
    Registered:
    08 Sep 2006
    25 Sep 2007
    Link to this post
    I've asked our host to provide to provide details on the trust configuration differences from the standard ASP.Net 2.0 medium trust, but they indicated it would reveal trade secrets.  I've tried to escalate the case, but I'm not sure if I'll get any more details.

    With regard to the recommendations, I removed all of the suggested DLLs.  Also, all of the DLLs in the directory were provided by Telerik and were already compiled.  How am I supposed to check the AllowPartiallyTrustedCallers?

    What is the best way to get you the project files.  I've zipped it and it's a 33.5 MB file, because it includes the entire RadControls directory.

  16. Vlad
    Vlad avatar
    498 posts
    Registered:
    15 Jul 2016
    25 Sep 2007
    Link to this post
    Hi Darchele,

    Thank you for trying to get more details about your ISP configuration.

    All assemblies provided by Sitefinity, except the ones I have listed in my previous post (they are not needed in your case), have the AllowPartiallyTrustedCallers attribute. You can check this with Lutz Roeder's .NET Reflector.

    You can exclude the RadControls folder from the .ZIP. This will shorten the file.
    Please open a new support ticket and attach the project archive to it.

    Sincerely yours,
    Vlad
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
  17. Darchele
    Darchele avatar
    24 posts
    Registered:
    08 Sep 2006
    25 Sep 2007
    Link to this post
    I've tried to attach the file twice, to a support ticket, and the site keeps timing out.  Excluding the RadControls folder dropped the file size to 23.5 MB. 

    Other suggestions?
  18. Vlad
    Vlad avatar
    498 posts
    Registered:
    15 Jul 2016
    25 Sep 2007
    Link to this post
    Ok Darchele,

    Archive only the following folders

    App_Master
    App_Code (if you have)
    Bin


    All the best,
    Vlad
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
  19. Darchele
    Darchele avatar
    24 posts
    Registered:
    08 Sep 2006
    25 Sep 2007
    Link to this post
    A ticket has been submitted.
  20. Richard Baugh
    Richard Baugh avatar
    201 posts
    Registered:
    22 Aug 2012
    24 Sep 2009
    Link to this post
    A client of ours is having a medium trust issue. Their site was running under full trust up until a day or two ago. Now with the site running under medium trust, we are getting the following error:

    Security Exception

    Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

    Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

    Source Error:

    An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

    Stack Trace:

    [SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.]
       System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) +0
       System.Security.CodeAccessPermission.Demand() +58
       System.Reflection.Assembly.VerifyCodeBaseDiscovery(String codeBase) +118
       System.Reflection.Assembly.GetName(Boolean copiedName) +70
       System.Reflection.Assembly.GetName() +9
       Telerik.ModuleManager.LoadModules(Boolean reload) +521
       Telerik.ModuleManager.LoadModules() +25
       Telerik.ModuleManager..cctor() +114
    

    After reading through this thread, I tried to verify that there were no custom controls without the AllowPartiallyTrustedCallers attribute. We are still getting this error. As I mentioned, this was just flipped the other day to medium trust. Not sure if an directory permissions have been changed or not. Was hoping you might have some advice as to where to go with this error. I couldn't find a similar problem reported on the forum.

    Richard
  21. Darchele
    Darchele avatar
    24 posts
    Registered:
    08 Sep 2006
    24 Sep 2009
    Link to this post
    This was an issue we had with an older version of Sitefinity ... if you're using the most recent version and have run through the manual to disable the correct things in the web.config for a medium trust environment you should be good to go.
  22. Radoslav Georgiev
    Radoslav Georgiev avatar
    3370 posts
    Registered:
    01 Feb 2016
    24 Sep 2009
    Link to this post
    Hello Richard,

    If you do not have the ability to upgrade your project, please see if your hosting provider can grant you Reflection permission. This should also solve the problem you are experiencing.

    Greetings,
    Radoslav Georgiev
    the Telerik team

    Instantly find answers to your questions on the new Telerik Support Portal.
    Watch a video on how to optimize your support resource searches and check out more tips on the blogs.
  23. Richard Baugh
    Richard Baugh avatar
    201 posts
    Registered:
    22 Aug 2012
    24 Sep 2009
    Link to this post
    Thanks you both for your reply.

    This is a 3.5 site. This site is not using any workflow as documented in the Medium trust setup articles I have found on this forum. The Health monitoring was also disabled.

    I am going to check with the hosting provider to make sure that the directory permissions are still setup. We are writing to an XML file in the App_Data folder. So we need to be able to access this. I will also ask about the Reflection permissions.
  24. Radoslav Georgiev
    Radoslav Georgiev avatar
    3370 posts
    Registered:
    01 Feb 2016
    24 Sep 2009
    Link to this post
    Hi Richard Baugh,

    Please, check if the appropriate permissions are in place and tell us how it goes.

    Regards,
    Radoslav Georgiev
    the Telerik team

    Instantly find answers to your questions on the new Telerik Support Portal.
    Watch a video on how to optimize your support resource searches and check out more tips on the blogs.
Register for webinar
24 posts, 0 answered