Customizing the Medium Trust Policy
| Retired Content |
|---|
This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This page may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist. |
| The latest Enterprise Library information can be found at the Enterprise Library site. |
The tables in the following sections show the additional permissions—beyond those granted by default in the medium trust policy—that may be required by your application. You need to grant these additional permissions only if you want to use these specific features. Unless otherwise noted, make these modifications in the custom policy file.
For extended examples of how to modify a custom policy file, see How To: Use Medium Trust in ASP.NET 2.0 on MSDN. If you are using a partial-trust policy other than medium trust, other restrictions and permissions may apply. For a table that lists the different permissions and the trust policies that allow them, see ASP.NET Code Access Security on MSDN.
These additional permissions are the following:
- General Permissions
- Caching Application Block Permissions
- Data Access Application Block Permissions
- Exception Handling Application Block Permissions
- Cryptography Application Block Permissions
- Security Application Block Permissions
- Logging Application Block Permissions
- Validation Application Block Permissions
- Policy Injection Application Block Permissions
General Permissions
Table 1 lists the additional permissions that may be required by core features of the Enterprise Library.
Table 1: Additional General Permissions
Feature |
Subfeature |
Permissions |
|---|---|---|
Configuration |
Not applicable |
Add the ConfigurationPermission class to the <SecurityClasses> element. Within the <IPermission> element, set the Access attribute to Unrestricted to read the relevant sections in the policy file. Alternatively, add requirePermission = false to the relevant sections in the configuration file. |
Configuration |
File configuration source |
Add the FileIOPermission class to the <SecurityClasses> element. Within the <IPermission> element, set the Read and PathDiscovery attributes to the configuration file's folder and to the Machine.config file. |
Instrumentation |
Performance counters |
Add the PerformanceCounterPermission class to the <SecurityClasses> element. Within the <IPermission> element, set the Access attribute to Write. |
Instrumentation |
Event log |
Add the EventLogPermission class to the <SecurityClasses> element. Within the <IPermission> element, set the Access attribute to Administer for the local computer. |
Instrumentation |
Windows Management Instrumentation (WMI) |
WMI is not supported under partial trust. |
Caching Application Block
Table 2 lists the additional permissions that may be required by the Caching Application Block.
Table 2: Additional Permissions for the Caching Application Block
Feature |
Subfeature |
Permissions |
|---|---|---|
Storage |
Database |
Add the SecurityPermission class to the <SecurityClasses> element. Within the <IPermission> element, add the SerializationFormatter flag to the Flags attribute. |
Storage |
IsolatedStorage |
Add the SecurityPermission class to the <SecurityClasses> element. Within the <IPermission> element, add the SerializationFormatter flag to the Flags attribute. |
Encryption |
SymmetricStorage EncryptionProvider (from the Cryptography Application Block) |
Add the DataProtectionPermission class to the <SecurityClasses> element. Within the <IPermission> element, add the ProtectData and UnprotectData flags to the Flags attribute. |
Instrumentation |
Performance counters |
Add the PerformanceCounterPermission class to the <SecurityClasses> element. Within the <IPermission> element, set the Access attribute to Write on the Enterprise Library Caching Counters category. |
Data Access Application Block
Table 3 lists the additional permissions that may be required by the Data Access Application Block.
Table 3: Additional Permissions for the Data Access Application Block
Feature |
Subfeature |
Permissions |
|---|---|---|
Oracle database |
Not applicable |
Add the OraclePermission class to the <SecurityClasses> element. Within the <IPermission> element, set the Unrestricted attribute to true. |
Odbc database |
Not applicable |
Add the OdbcPermission class to the <SecurityClasses> element. Within the <IPermission> element, set the Unrestricted attribute to true. |
OleDb database |
Not applicable |
Add the OleDbPermission class to the <SecurityClasses> element. Within the <IPermission> element, set the Unrestricted attribute to true. |
SqlCe database |
Not applicable |
SQL Server Compact Edition is not supported under partial trust. |
Instrumentation |
Performance counters |
Add the PerformanceCounterPermission class to the <SecurityClasses> element. Within the <IPermission> element, set the Access attribute to Write on the Enterprise Library Data Counters category. |
Exception Handling Application Block
Table 4 lists the additional permissions that may be required by the Exception Handling Application Block.
Table 4: Additional Permissions for the Exception Handling Application Block
Feature |
Subfeature |
Permissions |
|---|---|---|
General |
Context information |
Add the SecurityPermission class to the <SecurityClasses> element. Within the <IPermission> element, add the UnmanagedCode flag to the Flags attribute. |
Instrumentation |
Performance counters |
Add the PerformanceCounterPermission class to the <SecurityClasses> element. Within the <IPermission> element, set the Access attribute to Write on the Enterprise Library Exception Handling Counters category. |
Cryptography Application Block
Table 5 lists the additional permissions that may be required by the Cryptography Application Block.
Table 5: Additional Permissions for the Exception Handling Application Block
Feature |
Subfeature |
Permissions |
|---|---|---|
General |
Not applicable |
Add the DataProtectionPermission class to the <SecurityClasses> element. Within the <IPermission> element, add the ProtectData and UnprotectData flags to the Flags attribute. |
Instrumentation |
Performance counters |
Add the PerformanceCounterPermission class to the <SecurityClasses> element. Within the <IPermission> element, set the Access attribute to Write on the Enterprise Library Cryptography Counters category. |
Security Application Block
Table 6 lists the additional permissions that may be required by the Security Application Block.
Table 6: Additional Permissions for the Security Application Block
Feature |
Subfeature |
Permissions |
|---|---|---|
General |
Not applicable |
If the application uses IIdentity and IPrincipal objects instead of GenericIdentity and GenericPrincipal, it may require additional permissions. For example, the WindowsIdentity object requires that you include the SecurityPermission class in the <SecurityClasses> element and that, within the <IPermission> element, you add the UnmanagedCode and ControlPrincipal flags to the Flags attribute. |
Authorization |
AzMan (Authorization Manager) |
AzMan is not supported under partial trust. For more information, see Known Issues. |
Instrumentation |
Performance counters |
Add the PerformanceCounterPermission class to the <SecurityClasses> element. Within the <IPermission> element, set the Access attribute to Write on the Enterprise Library Security Counters category. |
Logging Application Block
Table 7 lists the additional permissions that may be required by the Logging Application Block.
Table 7: Additional Permissions for the Logging Application Block
Feature |
Subfeature |
Permissions |
|---|---|---|
General |
Context information |
Add the SecurityPermission class to the <SecurityClasses> element. Within the <IPermission> element, add the UnmanagedCode flag to the Flags attribute. |
Tracing |
Not applicable |
Add the SecurityPermission class to the <SecurityClasses> element. Within the <IPermission> element, add the UnmanagedCode flag to the Flags attribute. |
Trace listeners |
General |
If you want to use the TraceOptions.Callstack method, add the EnvironmentPermission class to the <SecurityClasses> element. Within the <IPermission> element, set the Access attribute to Unrestricted. If you want to use the TraceOptions.ProcessID method, add the SecurityPermission class to the <SecurityClasses> element. Within the <IPermission> element, add the UnmanagedCode flag to the Flags attribute. |
Trace listeners |
Event Log |
Add the EventLogPermission class to the <SecurityClasses> element. Within the <IPermission> element, set the Access attribute to Administer to the local computer. |
Trace listeners |
Message queuing |
Message queuing is not supported under partial trust. |
Trace listeners |
Flat File and Rolling Flat File |
Add the FileIOPermission class to the <SecurityClasses> element. Within the <IPermission> element, set the Read and Write attributes to the destination file's folder. Set the PathDiscovery and Append attributes to the file. (The file can inherit the permissions from its folder). |
Trace listeners |
WMI |
WMI is not supported under partial trust. |
Trace listeners |
Database |
Add the appropriate database permission for the target database. (See Table 3 for the Data Access Application Block.) |
Formatters |
BinaryFormatter class |
Add the SecurityPermission class to the <SecurityClasses> element. Within the <IPermission> element, add the SerializationFormatter flag to the Flags attribute. |
Formatters |
TextFormatter class |
There are no permissions to add, although some tokens may not be available if they refer to properties that are not available under partial trust. |
General |
ContextItems class |
Add the SecurityPermission class to the <SecurityClasses> element. Within the <IPermission> element, add the Infrastructure flag to the Flags attribute. |
Instrumentation |
Performance counters |
Add the PerformanceCounterPermission class to the <SecurityClasses> element. Set the Access attribute to Write on the Enterprise Library Logging Counters category. |
Validation Application Block
Table 8 lists the additional permissions that may be required by the Validation Application Block.
Table 8: Additional Permissions for the Validation Application Block
Feature |
Subfeature |
Permissions |
|---|---|---|
Core |
Not applicable |
No special permissions required over those required for general and medium trust (LocalIntranet). |
WinForms |
Not applicable |
No special permissions required over those required for general and medium trust (LocalIntranet). |
Instrumentation |
Not applicable |
Add the PerformanceCounterPermission class to the <SecurityClasses> element. Set the Access attribute to Write on the Enterprise Library Logging Counters category. |
Policy Injection Application Block
Table 9 lists the additional permissions that may be required by the Policy Injection Application Block.
Table 9: Additional Permissions for the Policy Injection Application Block
|
Feature |
Subfeature |
Permissions |
|---|---|---|
Core |
Not applicable |
No special permissions required over those required for general and medium trust (LocalIntranet). |
WinForms |
Not applicable |
No special permissions required over those required for general and medium trust (LocalIntranet). |
Instrumentation |
Not applicable |
Add the PerformanceCounterPermission class to the <SecurityClasses> element. Set the Access attribute to Write on the Enterprise Library Logging Counters category. |
CallHandlers |
PerformanceCountersInstaller |
Requires full trust. |
CallHandlers |
Other handlers |
Uses the same requirements as the handler. |
Limitations on Using Partial Trust
There may be some limitations regarding how you use partial trust with an Enterprise Library application block. These limitations include the following:
- The Enterprise Library throws a SecurityException if it cannot obtain the mandatory permissions.
- Some calls to Logging Application Block trace listener classes fail.
- ASP.NET application directories require specific permissions.
- The AzMan provider is not available with partial trust.
Enterprise Library Throws Security Exception
If your application cannot obtain the necessary permissions to use a particular Enterprise Library feature, the Enterprise Library typically throws a SecurityException back to the application. The only time this does not happen is when the code that requires the permissions is not seen as critical to the feature's operation. For example, if the Logging Application Block is unable to call the API that provides information about the current process, this information is simply left out of the logged message and the call succeeds.
Limitations on Logging Application Block Trace Listeners
Creating an event log and creating a directory for a disk file both require full trust. Therefore, the Logging Application Block listeners fail when they attempt these actions while running under partial trust. The following two of the classes in the Logging Application Block cause a load failure even if you do not use them in your code because the Enterprise Library initializes and caches them:
- FormattedEventLogTraceListener. This class creates an instance of an EventLog object in its constructor. This call fails under partial trust, which prevents the application block from creating a LogWriter object if the trace listener is configured in the application configuration file. This occurs even if you do not use the FormattedEventLogTraceListener class in your application.
- FormattedTextWriterTraceListener. This class checks whether the specified directory exists in its constructor and creates the directory if it does not exist. However, the Directory.Exists method that it uses returns false under partial trust if the FileIOPermission class with the appropriate permissions for the target directory have not been added to the custom policy file. This prevents the application block from creating a LogWriter object if the trace listener is configured in the application configuration file. This occurs even if you do not use the FormattedTextWriterTraceListener class in your application.
For all other listeners that are configured in the application configuration file, including the TextWriterTraceListener class, the code fails only when the code calls the TraceData method to access a listener.
ASP.NET Application Directories Require Permissions
By default, ASP.NET runs under the ASPNET account in Windows 2000 and Windows XP; it runs under the NetworkService account in Windows Server 2003. If you specify a FileConfigurationSource object that is located in a directory outside the ASP.NET application folders, the account under which the application is running must have the correct permissions. The following procedure describes how to set these permissions.
To set permissions for ASP.NET Application Directories
- Add the FileIOPermission class to the policy file's <SecurityClasses> element.
- Set the Read and PathDiscovery attributes to the file specified in the Enterprise Library FileConfigurationSource class.
- Set the Read and Execute ACL permissions to the file specified in the FileConfigurationSource class.
AzMan Provider Not Available
The AzMan provider requires the Enterprise Library to be fully trusted. Because Enterprise Library does not support partially trusted calls to trusted assemblies, any application that uses the AzMan provider in the Enterprise Library must also be fully trusted. You cannot use the AzMan provider with a partial-trust security level.
| Retired Content |
|---|
This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This page may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist. |
| The latest Enterprise Library information can be found at the Enterprise Library site. |