有些時(shí)候我們寫(xiě)的asp.net應(yīng)用程序是運(yùn)行在虛擬主機(jī)上����。有一些虛擬主機(jī)可能是由于安全的考慮����,對(duì)asp.net做了權(quán)限設(shè)置��,會(huì)導(dǎo)致我們的應(yīng)用程序無(wú)法正常運(yùn)行�����。
問(wèn)題現(xiàn)象:
由于某種原因�,asp.net不能加載某些dll文件�����,出現(xiàn)如下錯(cuò)誤提示: Server Error in '/' application.
---------------------------------------------
Required permissions cannot be acquired.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Security.Policy.PolicyException: Required permissions cannot be acquired.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[PolicyException: Required permissions cannot be acquired.]
System.Security.SecurityManager.ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, PermissionSet& denied, Boolean checkExecutionPermission) +2738293
System.Security.SecurityManager.ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, PermissionSet& denied, Int32& securitySpecialFlags, Boolean checkExecutionPermission) +57
[FileLoadException: Could not load file or assembly 'Microsoft.PRactices.ObjectBuilder, Version=1.0.51205.0, Culture=neutral, PublicKeyToken=null' or one of its dependencies. Failed to grant minimum permission requests. (Exception from HRESULT: 0x80131417)]
System.Reflection.Assembly.nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, Assembly locationHint, StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean forIntrospection) +0
System.Reflection.Assembly.InternalLoad(AssemblyName assemblyRef, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection) +211
System.Reflection.Assembly.InternalLoad(String assemblyString, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection) +141
System.Reflection.Assembly.Load(String assemblyString) +25
System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective) +32
問(wèn)題分析:
根據(jù)我的觀察�����,asp.net應(yīng)用程序直接生成的dll可以正常加載,由asp.net直接調(diào)用的外部dll也可以正常加載,但是僅被外部dll引用的其他外部dll不能加載���。我的猜想是:由于權(quán)限是不完全的,asp.net應(yīng)用本身生成的dll和直接引用的dll可以通過(guò)權(quán)限的繼承獲得權(quán)限,而僅被外部dll引用的其他外部dll因?yàn)闄?quán)限的限制不能繼承權(quán)限,因此出現(xiàn)了權(quán)限不足的問(wèn)題����。
問(wèn)題解決:
通過(guò)在我電腦的試驗(yàn)����,推測(cè)虛擬主機(jī)上修改了根web.config(在我電腦上其位置為C:/WINDOWS/Microsoft.NET/Framework/v2.0.50727/CONFIG)的設(shè)置.
默認(rèn)web.config的權(quán)限設(shè)置節(jié)如下:
<location allowOverride="true">
<system.web>
<securityPolicy>
<trustLevel name="Full" policyFile="internal" />
<trustLevel name="High" policyFile="web_hightrust.config" />
<trustLevel name="Medium" policyFile="web_mediumtrust.config" />
<trustLevel name="Low" policyFile="web_lowtrust.config" />
<trustLevel name="Minimal" policyFile="web_minimaltrust.config" />
</securityPolicy>
<trust level="Full" originUrl="" />
</system.web>
</location>
推測(cè)虛擬主機(jī)上修改之后的設(shè)置: <location allowOverride="false">
<system.web>
<securityPolicy>
<trustLevel name="Full" policyFile="internal" />
<trustLevel name="High" policyFile="web_hightrust.config" />
<trustLevel name="Medium" policyFile="web_mediumtrust.config" />
<trustLevel name="Low" policyFile="web_lowtrust.config" />
<trustLevel name="Minimal" policyFile="web_minimaltrust.config" />
</securityPolicy>
<trust level="High" originUrl="" />
</system.web>
</location> 他首先設(shè)置了allowOverride為false�,這就阻止了在用戶(hù)web.config中重新定義權(quán)限的能力。然后,他定義trust level為High����,而不是默認(rèn)的Full�。經(jīng)我測(cè)試�����,只要trust level不為Full����,僅被外部dll引用的其他外部dll就不能被加載�。 因此�,我建議技術(shù)支持將allowOverride節(jié)設(shè)置為true。這樣我就可以在web.config中重新指定權(quán)限了�。
例:<trust level="Full" originUrl="" />
最近已經(jīng)不研究aps.net了����,因此也沒(méi)有認(rèn)真去查找深層的原因��,或許我的認(rèn)識(shí)還有誤�。希望那位高手可以道出深層的原因��,或指正我的錯(cuò)誤�����。
