PRB: Appdomains Security Permission Error Message When You Access the Strong-Named Assembly from the \Bin Directory (813830)


The information in this article applies to:

  • Microsoft ASP.NET (included with the .NET Framework) 1.0
  • Microsoft ASP.NET (included with the .NET Framework 1.1)

SYMPTOMS

In a Microsoft ASP.NET version 1.1 application, when you access a strong-named assembly that is stored in the \bin directory of your Web application that is not marked with AllowPartiallyTrustedCallersAttribute (APTCA) and when the trust level of the Web application is not set to Full Trust in the Web.config file, then you may receive the following error message instead of the expected SecurityException error message:
Assembly <assembly>.dll security permission grant set is incompatible between appdomains
You will not receive the same error message in ASP.NET version 1.0, but the same underlying issue about strong-named assemblies also exists in ASP.NET 1.0.

CAUSE

Strong-named assemblies must be stored in the global assembly cache when they are used with ASP.NET Web applications. By default, strong-named assemblies will not grant access to partially trusted code, because of the visibility of strong-named assemblies in the global assembly cache. You can allow partially trusted code to call your strong-named assembly, but only after you explicitly set the AllowPartiallyTrustedCallersAttribute. If you do not explicitly declare the attribute, the caller requires Full Trust to use the code. Only apply the AllowPartiallyTrustedCallersAttribute to your strong-named assemblies after a careful assessment of the code.

RESOLUTION

Install strong-named assemblies in the global assembly cache for ASP.NET 1.0 and 1.1 Web applications. The following steps describe how to install a strong-named assembly in the global assembly cache, and explain how to use the AllowPartiallyTrustedCallersAttribute:

Install a Strong-Named Assembly in the Global Assembly Cache

You can use the global assembly cache to share assemblies across many applications. To install the strong-named assembly in the global assembly cache, follow these steps:
  1. To create a strong-name assembly, follow the steps in the "More Information" section of this article.
  2. Open Visual Studio .NET Command Prompt, and then type the following command: gacutil -I "C:\[PathToBinDirectoryInVSProject]\sampledll.dll

    Note: sampledll.dll is the name of the DLL that is signed with strong name.

Add the APTCA

Assemblies that are intended to be called by partially trusted code declare their intent by the assembly-level custom attribute AllowPartiallyTrustedCallers. To mark the strong-named assembly with APTCA, follow these steps:
  1. To create a strong-name assembly, follow the steps in the "More Information" section of this article.
  2. Replace the code in Class1 with the following code:

    Visual C# .NET Code
    using System;
using System.Reflection;
using System.Runtime.InteropServices;
using System.Security;

[assembly: AssemblyKeyFile("..\\..\\key.snk")]
[assembly:AllowPartiallyTrustedCallers] 

namespace SNAssemblyTest
{
	public class Class1
	{	// Test Class
	}
}
    Visual Basic .NET Code
    Imports System.Reflection
Imports System.Runtime.InteropServices
Imports System.Security

<Assembly: AssemblyKeyFile("..\..\key.snk")> 
<Assembly: AllowPartiallyTrustedCallers> 

Public Class Class1
   ' Test Class
End Class
Note Only apply the AllowPartiallyTrustedCallersAttribute after you have considered the security implications and have taken the necessary precautions. These precautions include a code review against the secure coding guidelines that are described in the "Cause" section of this article. Only apply this attribute to assemblies if the following criteria are met:
  1. The assemblies have been designed and been built with explicit attention to security considerations to help protect them against all callers, including potentially malicious callers.
  2. Appropriate security testing with partially trusted code is completed before the code is released.

STATUS

This behavior is by design.

MORE INFORMATION

Steps to Reproduce the Behavior

Create a StrongName Assembly

  1. Start Microsoft Visual Studio .NET 2003.
  2. On the File menu, point to New, and then click Project.
  3. Select Visual C# project or Visual Basic Projects under Project Types.
  4. Select Class Library under Templates.
  5. Name the project as SNAssemblyTest.
  6. Open the Visual Studio .NET Command Prompt, and then change the directory to the current project directory.
  7. To create a strong-named key, type the following command: sn -k key.snk
  8. Replace the code in Class1 with the following code:

    Visual C# .NET Code
    using System;
using System.Reflection;
using System.Runtime.InteropServices;

[assembly: AssemblyKeyFile("..\\..\\key.snk")]

namespace SNAssemblyTest
{
	public class Class1
	{	// Test Class
	}
}
    Visual Basic .NET Code
    Imports System.Reflection
Imports System.Runtime.InteropServices

<Assembly: AssemblyKeyFile("..\..\key.snk")> 

Public Class Class1
   ' Test Class
End Class
  9. On the Build menu, click Build Solution.

Refer to the Assembly in an ASP.NET Web Application

  1. Start Visual Studio .NET, and then create a new ASP.NET Web Application project by using Visual C# .NET or Visual Basic .NET.
  2. In Solution Explorer, right-click References, and then click Add Reference.
  3. Click Browse, and then select the .dll file of the assembly that you created in the "Create a StrongName Assembly" section of this article (SNAssemblyTest.dll).
  4. To open the Web.config file, double-click Web.config in the Solution Explorer.
  5. Add the following code trust level code in the <system.web> element of the Web.config file:
    <trust level="High"  />
  6. To run the project, click Start on the Debug menu. You may receive the error that is mentioned in the "Symptoms" section of this article.

REFERENCES

For more information, visit the following Microsoft Web sites:

ASP.NET Code Access Security
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windowsserver2003/proddocs/standard/aaconcodeaccesssecurity.asp
MSDN Magazine "Security Briefs" (Hashing Passwords, The AllowPartiallyTrustedCallers Attribute)
http://msdn.microsoft.com/msdnmag/issues/03/08/SecurityBriefs/default.aspx
Application Domains and Assemblies
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/html/cpconapplicationdomainsassemblies.asp
Strong Name Tool (Sn.exe)
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cptools/html/cpgrfstrongnameutilitysnexe.asp
Version 1 Security Changes for the Microsoft .NET Framework
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/v1securitychanges.asp
Global Assembly Cache Tool (Gacutil.exe)
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cptools/html/cpgrfglobalassemblycacheutilitygacutilexe.asp


For additional information, click the following article numbers to view the articles in the Microsoft Knowledge Base:

315682 HOW TO: Install an Assembly into the Global Assembly Cache in Visual Studio .NET


324519 PRB: "Can not Access File 'AssemblyName' Because It Is Being Used by Another Process" Error Message in ASP.NET

Modification Type:MinorLast Reviewed:7/8/2005
Keywords:kbWebForms kbConfig kbSecurity kberrmsg kbprb KB813830 kbAudDeveloper
©2004 Microsoft Corporation. All rights reserved.