我們遇到了命令行(批處理)應用程序和完全/部分信任的問題。如何使我的應用程序以完全信任模式運行 - .NET 4.0控制檯應用程序
我們以前的版本(版本號7.13.0.63)工作正常,然而,當我們安裝新版本(7.13.0.249),我們得到一個「那集不允許部分受信任的調用方」。
例外:
Stack Trace (edited):
at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandleInternal& ctor, Boolean& bNeedSecurityCheck)
at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean skipCheckThis, Boolean fillCache)
at System.RuntimeType.CreateInstanceDefaultCtor(Boolean publicOnly, Boolean skipVisibilityChecks, Boolean skipCheckThis, Boolean fillCache)
at System.Activator.CreateInstance[T]()
at <Company>.Service.<Product>.Proxy.Factories.ControllerProxyFactory.Create[T]()
<Stack Trace that leads to creation of a WCF client> ...
Inner Exception:
An error occurred creating the configuration section handler for system.serviceModel/behaviors: That assembly does not allow partially trusted callers. (C:\Program Files (x86)\InsuranceLine\ListLoader\InsuranceLine.ListLoader.Launcher.exe.Config line 53)
Stack Trace:
at System.Configuration.BaseConfigurationRecord.EvaluateOne(String[] keys, SectionInput input, Boolean isTrusted, FactoryRecord factoryRecord, SectionRecordsectionRecord, Object parentResult)
at System.Configuration.BaseConfigurationRecord.Evaluate(FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentResult, Boolean getLkg, Boolean getRuntimeObject, Object& result, Object& resultRuntimeObject)
at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
at System.Configuration.BaseConfigurationRecord.GetSection(String configKey)
at System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(String sectionName)
at System.Configuration.ConfigurationManager.GetSection(String sectionName)
at System.ServiceModel.Activation.AspNetEnvironment.UnsafeGetSectionFromConfigurationManager(String sectionPath)
at System.ServiceModel.Activation.AspNetEnvironment.UnsafeGetConfigurationSection(String sectionPath)
at System.ServiceModel.Configuration.ConfigurationHelpers.UnsafeGetAssociatedSection(ContextInformation evalContext, String sectionPath)
at System.ServiceModel.Description.ConfigLoader.LookupChannel(ContextInformation configurationContext, String configurationName, ContractDescription contract, EndpointAddress address, Boolean wildcard, Boolean useChannelElementKind, ServiceEndpoint& serviceEndpoint)
at System.ServiceModel.ChannelFactory.InitializeEndpoint(String configurationName, EndpointAddress address)
at System.ServiceModel.ChannelFactory`1..ctor(String endpointConfigurationName, EndpointAddress remoteAddress)
<Stack Trace that determines the correct WCF factory to create>
Inner Exception:
That assembly does not allow partially trusted callers.
Stack Trace:
at System.Security.CodeAccessSecurityEngine.ThrowSecurityException(RuntimeAssembly asm, PermissionSet granted, PermissionSet refused, RuntimeMethodHandleInternal rmh, SecurityAction action, Object demand, IPermission permThatFailed)
at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandleInternal& ctor, Boolean& bNeedSecurityCheck)
at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean skipCheckThis, Boolean fillCache)
at System.RuntimeType.CreateInstanceDefaultCtor(Boolean publicOnly, Boolean skipVisibilityChecks, Boolean skipCheckThis, Boolean fillCache)
at System.Activator.CreateInstance(Type type, Boolean nonPublic)
at System.ServiceModel.Configuration.ServiceModelExtensionCollectionElement`1.CreateNewSection(String name)
at System.ServiceModel.Configuration.ServiceModelExtensionCollectionElement`1.DeserializeElementCore(XmlReader reader)
at System.ServiceModel.Configuration.ServiceModelExtensionCollectionElement`1.DeserializeElement(XmlReader reader, Boolean serializeCollectionKey)
at System.Configuration.ConfigurationElementCollection.OnDeserializeUnrecognizedElement(String elementName, XmlReader reader)
at System.Configuration.ConfigurationElement.DeserializeElement(XmlReader reader, Boolean serializeCollectionKey)
at System.Configuration.ConfigurationElement.DeserializeElement(XmlReader reader, Boolean serializeCollectionKey)
at System.Configuration.ConfigurationSection.DeserializeSection(XmlReader reader)
at System.Configuration.RuntimeConfigurationRecord.RuntimeConfigurationFactory.CreateSectionImpl(RuntimeConfigurationRecord configRecord, FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentConfig, ConfigXmlReader reader)
at System.Configuration.RuntimeConfigurationRecord.RuntimeConfigurationFactory.CreateSectionWithRestrictedPermissions(RuntimeConfigurationRecord configRecord, FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentConfig, ConfigXmlReader reader)
at System.Configuration.RuntimeConfigurationRecord.CreateSection(Boolean inputIsTrusted, FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentConfig, ConfigXmlReader reader)
at System.Configuration.BaseConfigurationRecord.CallCreateSection(Boolean inputIsTrusted, FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentConfig, ConfigXmlReader reader, String filename, Int32 line)
關於我們用於部署產品的過程,我們使用通過WiX創建的MSI。我們執行下列步驟:
- 卸載以前版本的產品
- 複製的MSI從網絡共享(兩個版本相同的份額,根據版本的不同子目錄)
- 安裝MSI作爲管理員
- 這將安裝到C:\ Program Files文件(x86)的
的只有2個版本之間的變化是:
- 額外的AppSettings項目的app.config文件(myapp.exe.config)列入指定事務超時
- 更改「使用新的TransactionScope() 「to」使用新的TransactionScope(TransactionScopeOption.Required,timeoutValueReadFromAppSettingsAndStoredInLocalVariable)「
- 創建WCF客戶端在此事務範圍之外。
附加信息:
- 異常不會發生在我們的任何開發/分期/ QA /預生產環境。它只發生在我們的生產應用服務器上。
- 我們正在將Windows 7推廣到我們的組織,因此企業策略可能已經發生變化。
- 該應用程序面向.Net Framework 4。0
- 如果我們卸載新版本,並重新安裝老版本(包括網絡共享副本)舊版本工作正常,仍然
- 本機正在安裝爲Windows Server 2008 R2
- 本機是一種是在VMware環境中託管的虛擬機
理想我想知道的幾件事情:
- 如何改變組件(或設定權限安裝後),以便它可以運行我吶完全信任模式
- 如何複製在開發/分期/ QA環境問題
- 明確將「不信任」大會可能重現,但我想重現它在相同的方式生產,這樣,當它是安裝它被認定爲不可信,在我看來,做這件事的方式與「複製」網絡共享有關,我從MSI /程序集中複製MSI或可能「不信任」發佈者信息。
- 如何配置生產應用服務器/安全策略,以便將來安裝是完全可信的(接聽項目2很可能會回答這個問題)
感謝
添加了其他信息該服務器是在VMWare中託管的虛擬服務器。 – Sean
您是否找到解決方案?我遇到類似的問題。我想運行我的應用程序(EXE)完全或高信任,我也使用WiX來生成安裝程序? –
對不起Darshan,我沒有找到真正的解決方案。 2-3天后,新版本的安裝工作正常(從同一網絡位置完全相同的MSI)。但是,沒有人會承認對環境做出任何改變,並且自那以後我一直無法複製這個問題。 – Sean