[lnkForumImage]
TotalShareware - Download Free Software
Confronta i prezzi di migliaia di prodotti.
Asp Forum
 Home | Login | Register | Search 


 

Forums >

microsoft.public.dotnet.framework.remoting

StrongNamed Assembly and SecurityException While Remoting, Again

csliuyb

11/2/2004 4:38:00 PM

The question of mine is quite similar to the queistion asked by Mike Stevens
8/28/2004, I have a server application which publishs a remote object, and a
client application which calls the method of this remote object. When, client
passes a object of a type that is defined in a strong named assembly in GAC
as parameter, SecurityException will raise in Server Application. This
situation won't occur if the assembly is not strong named.
My immature guess is that, while the server application deserializing the
object from messages of client by calling BinaryFormatter's
'UnsafeDeserialize' method, the thread doesn't have the
'SecurityPermissionAttribute.SerializationFormatter' permission, so security
check fails and exception occur.

I traced into the call stack of server and found the following frame:(For my
windows is chinese version, some of the description is omitted)

mscorlib.dll!
System.Security.SecurityRuntime.FrameDescSetHelper
mscorlib.dll!
System.Runtime.Serialization.FormatterServices.GetSafeUninitializedObject
mscorlib.dll!
System.Runtime.Serialization.Formatters.Binary.ObjectReader.ParseObject
mscorlib.dll!
System.Runtime.Serialization.Formatters.Binary.ObjectReader.Parse
mscorlib.dll!System.Runtime.Serialization.Formatters.Binary.__BinaryParser.ReadObjectWithMapTyped
mscorlib.dll!
System.Runtime.Serialization.Formatters.Binary.__BinaryParser.ReadObjectWithMapTyped
mscorlib.dll!
System.Runtime.Serialization.Formatters.Binary.__BinaryParser.Run
mscorlib.dll!System.Runtime.Serialization.Formatters.Binary.ObjectReader.Deserialize
mscorlib.dll!
System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Deserialize
mscorlib.dll!
System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.UnsafeDeserialize

system.runtime.remoting.dll!System.Runtime.Remoting.Channels.CoreChannel.DeserializeBinaryRequestMessage

system.runtime.remoting.dll!System.Runtime.Remoting.Channels.BinaryServerFormatterSink.ProcessMessage

system.runtime.remoting.dll!System.Runtime.Remoting.Channels.Tcp.TcpServerTransportSink.ServiceRequest

system.runtime.remoting.dll!System.Runtime.Remoting.Channels.SocketHandler.ProcessRequestNow

system.runtime.remoting.dll!System.Runtime.Remoting.Channels.RequestQueue.ProcessNextRequest

system.runtime.remoting.dll!System.Runtime.Remoting.Channels.SocketHandler.BeginReadMessageCallback
system.dll!System.Net.LazyAsyncResult.InvokeCallback
system.dll!System.Net.LazyAsyncResult.InvokeCallback
system.dll!System.Net.Sockets.OverlappedAsyncResult.CompletionPortCallback