• Toll-free  888-665-8637
  • International  +1 717-220-0012
Welcome Guest! To enable all features please Login or Register.

Notification

Icon
Error

Rene
#1 Posted : Friday, September 15, 2006 3:05:48 PM(UTC)
Rene

Rank: Member

Joined: 3/20/2006(UTC)
Posts: 27

Summary:
I'm in the process of trying to create my BV 5 site on a test url I have.

-the asp.net 2 is setup
-sql 2005 database established, and 3 scripts run.
-web.config updated for connection string
-the host said they set the 3 permissions

When I go the test url, I receive a "Server Error in '/' Application" error. :shocked:


I wrote my webhost and the responded with the following email. Any ideas?



Here's my hosting company's email:

looking at your site locally shows us this error below. All the file permissions are set as needed but we are not sure if maybe some .dll or files could be missing from this application.

Hope this helps. Speaking with BV Software before they told us that the permission required is the same as our configuration for shared hosting using Custom Medium Trust for ASP.NET 2.0.



Required permissions cannot be acquired.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Security.Policy.PolicyException: Required permissions cannot be acquired.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:


[PolicyException: Required permissions cannot be acquired.]
System.Security.SecurityManager.ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, PermissionSet& denied, Boolean checkExecutionPermission) +2738101
System.Security.SecurityManager.ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, PermissionSet& denied, Int32& securitySpecialFlags, Boolean checkExecutionPermission) +57

[FileLoadException: Could not load file or assembly 'nsoftware.IBizPayWeb, Version=3.1.2286.0, Culture=neutral, PublicKeyToken=cdc168f89cffe9cf' or one of its dependencies. Failed to grant minimum permission requests. (Exception from HRESULT: 0x80131417)]
System.Reflection.Assembly.nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, Assembly locationHint, StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean forIntrospection) +0
System.Reflection.Assembly.InternalLoad(AssemblyName assemblyRef, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection) +211
System.Reflection.Assembly.InternalLoad(String assemblyString, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection) +141
System.Reflection.Assembly.Load(String assemblyString) +25
System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective) +32

[ConfigurationErrorsException: Could not load file or assembly 'nsoftware.IBizPayWeb, Version=3.1.2286.0, Culture=neutral, PublicKeyToken=cdc168f89cffe9cf' or one of its dependencies. Failed to grant minimum permission requests. (Exception from HRESULT: 0x80131417)]
System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective) +596
System.Web.Configuration.CompilationSection.LoadAllAssembliesFromAppDomainBinDirectory() +3479065
System.Web.Configuration.CompilationSection.LoadAssembly(AssemblyInfo ai) +46
System.Web.Compilation.BuildManager.GetReferencedAssemblies(CompilationSection compConfig) +177
System.Web.Compilation.BuildProvidersCompiler..ctor(VirtualPath configPath, Boolean supportLocalization, String outputAssemblyName) +180
System.Web.Compilation.CodeDirectoryCompiler.GetCodeDirectoryAssembly(VirtualPath virtualDir, CodeDirectoryType dirType, String assemblyName, StringSet excludedSubdirectories, Boolean isDirectoryAllowed) +347
System.Web.Compilation.BuildManager.CompileCodeDirectory(VirtualPath virtualDir, CodeDirectoryType dirType, String assemblyName, StringSet excludedSubdirectories) +125
System.Web.Compilation.BuildManager.CompileCodeDirectories() +525
System.Web.Compilation.BuildManager.EnsureTopLevelFilesCompiled() +448

[HttpException (0x80004005): Could not load file or assembly 'nsoftware.IBizPayWeb, Version=3.1.2286.0, Culture=neutral, PublicKeyToken=cdc168f89cffe9cf' or one of its dependencies. Failed to grant minimum permission requests. (Exception from HRESULT: 0x80131417)]
System.Web.Compilation.BuildManager.ReportTopLevelCompilationException() +57
System.Web.Compilation.BuildManager.EnsureTopLevelFilesCompiled() +612
System.Web.Hosting.HostingEnvironment.Initialize(ApplicationManager appManager, IApplicationHost appHost, IConfigMapPathFactory configMapPathFactory, HostingEnvironmentParameters hostingParameters) +456

[HttpException (0x80004005): Could not load file or assembly 'nsoftware.IBizPayWeb, Version=3.1.2286.0, Culture=neutral, PublicKeyToken=cdc168f89cffe9cf' or one of its dependencies. Failed to grant minimum permission requests. (Exception from HRESULT: 0x80131417)]
System.Web.HttpRuntime.FirstRequestInit(HttpContext context) +3426871
System.Web.HttpRuntime.EnsureFirstRequestInit(HttpContext context) +88
System.Web.HttpRuntime.ProcessRequestInternal(HttpWorkerRequest wr) +149
Marcus
#2 Posted : Friday, September 15, 2006 4:18:30 PM(UTC)
Marcus

Rank: Member

Joined: 11/5/2003(UTC)
Posts: 1,786

Rene,

I believe that the nsoftware DLL requires read/write permissions to the asp.net temp folder in order to work correctly. We've contacted nsoftware about this issue and the current work around is to grant the ASPNET user account read/write permissions.
Rene
#3 Posted : Saturday, September 16, 2006 3:17:48 PM(UTC)
Rene

Rank: Member

Joined: 3/20/2006(UTC)
Posts: 27

Marcus,

thanks for your message. Below is my hosting company's response. I have an email out to them inquiring as to what the differences are between the two environments they discuss. Price, performance, other, etc. Here's their reply:

Hi Rene,

we are not able to get BV Commerce working in a Medium Trust environment as it should according to their site, we have been able to get it working in a Full Trust environment. We have a test site running of your website at http://www.aspxresource.com . This is meant for testing, only a way to show you it working. We can offer your site to be moved over to this new server that is running in Full Trust or contact BV Software to see if they can assist further with this issue.

Best regards,

Technical Support
Andy Miller
#4 Posted : Saturday, September 16, 2006 3:38:05 PM(UTC)
Andy Miller

Rank: Member

Joined: 11/5/2003(UTC)
Posts: 2,136

Was thanked: 1 time(s) in 1 post(s)
Ask your host to try Medium Trust + "read/write permissions to the asp.net temp folder" which is typically something like "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\site".
Andy Miller
Structured Solutions

Shipper 3 - High Velocity Shipment Processing
Rene
#5 Posted : Monday, September 18, 2006 1:31:24 PM(UTC)
Rene

Rank: Member

Joined: 3/20/2006(UTC)
Posts: 27

Andy,
Thank you for your post. I relayed your suggestion and he responded



"permissions are setup already this way for the Temporary ASP.NET Files directory, on both version of .NET and the Windows temp directory but using Network Services, as we only run IIS6 and the ASP.NET group isn't used on this version".



Based on what they have explained to me they can get BV 5 to work on a "Full Trust" server so we're planning to move my sites to a different server to solve this issue.



Thanks to all.

Rene'
CodeSine
#6 Posted : Monday, September 18, 2006 5:03:48 PM(UTC)
CodeSine

Rank: Member

Joined: 11/18/2003(UTC)
Posts: 1,465

You should not need to run in full trust if the proper permissions are setup on this Temp folder, even in IIS6.
TIM

BVC Add-Ons and Development
Andy Miller
#7 Posted : Wednesday, September 27, 2006 3:54:52 PM(UTC)
Andy Miller

Rank: Member

Joined: 11/5/2003(UTC)
Posts: 2,136

Was thanked: 1 time(s) in 1 post(s)
I should have checked before I wrote my post above. I added this to the web.config file:


Code:

[color=#0000ff]
<[/color][color=#800000]trust[/color][color=#0000ff] [/color][color=#ff0000]level[/color][color=#0000ff]=[/color][color=#000000]"[/color][color=#0000ff]Medium[/color][color=#000000]"[/color][color=#0000ff] />
[/color]
And now I get the same "Required permissions cannot be acquired" for both nsoftware.IBizPayWeb and CyberSource.


I have granted ASPNET read/write/modify permission to both C:\Windows\Temp (in case they are trying to create web service proxies) and C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files.



Does anyone have a list of the specific permissions that those assemblies are demanding?
Andy Miller
Structured Solutions

Shipper 3 - High Velocity Shipment Processing
Andy Miller
#8 Posted : Wednesday, September 27, 2006 5:49:02 PM(UTC)
Andy Miller

Rank: Member

Joined: 11/5/2003(UTC)
Posts: 2,136

Was thanked: 1 time(s) in 1 post(s)
Quick followup...once I installed nsoftware.IBizPayWeb.dll into the GAC the error disappeared.
Andy Miller
Structured Solutions

Shipper 3 - High Velocity Shipment Processing
Andy Miller
#9 Posted : Wednesday, September 27, 2006 6:37:42 PM(UTC)
Andy Miller

Rank: Member

Joined: 11/5/2003(UTC)
Posts: 2,136

Was thanked: 1 time(s) in 1 post(s)
The problem appears to be that nsoftware.IBizPayWeb.dll is a strong named assembly in the private assembly directory. This combination apparently resolves to a trust level that does not meet the permission demand.


For those of you that already have nsoftware.IBizPayWeb.dll in your GAC you will need to remove it and clear out the Temporary ASP.NET Files folder for your site to recreate the problem. If you don't perform both steps than the previous permissions will be honored.



I have found two ways to solve it: 1) install nsoftware.IBizPayWeb.dll in the GAC, or 2) modify the policy file (i.e. web_mediumtrust.config) to grant the assembly special permission.



Granting the Assembly Special Permission



Find this CodeGroup in the policy file (i.e. web_mediumtrust.config),



Code:

<CodeGroup
class="UnionCodeGroup"
version="1"
PermissionSetName="ASP.Net">
<IMembershipCondition
class="UrlMembershipCondition"
version="1"
Url="$AppDirUrl$/*"
/>
</CodeGroup>





Insert this new CodeGroup in front of the one shown above,


Code:

<CodeGroup class="UnionCodeGroup"
version="1"
PermissionSetName="FullTrust"
Name="nsoftware_Strong_Name"
Descript[b][/b][b][/b]ion="This code group grants code signed with the nsoftware strong name full trust. ">
<IMembershipCondition class="StrongNameMembershipCondition"
version="1"
PublicKeyBlob="0024000004800000940000000602000000240000525341310004000001000100A16D3AB703D4AC12ED95A7791BAD045C4921B69C97E4329D931B68357E8FC012B136D0D69F30E1C037D312A89E5A837ECB3F09314822872401E653AE7AE9C6BD9856CD288AE55624F0F3ACFEB1073EF845C6343046520A7DA185F3CED42403AA804ABEE5C3F2E77085486B88E42718140922E6BE12D0F46AFA90BC6BF50752CB"
/>
</CodeGroup>


This new code group will grant any assembly signed with the nsoftware key (or at least the key that was used to sign nsoftware.IBizPayWeb.dll) FullTrust. I have not investigated if something less than FullTrust will work for this assembly or if a custom permission set would work because I do not know what custom permissions it requires. Regardless, this seems like a pretty good compromise to granting the entire application FullTrust.



Update: I just read that installing an assembly in the GAC grants it FullTrust, so the modification above grants the equivalent trust level.
Andy Miller
Structured Solutions

Shipper 3 - High Velocity Shipment Processing
Andy Miller
#10 Posted : Thursday, September 28, 2006 4:36:39 AM(UTC)
Andy Miller

Rank: Member

Joined: 11/5/2003(UTC)
Posts: 2,136

Was thanked: 1 time(s) in 1 post(s)
CyberSource.dll has the same problem but nsoftware did not sign it wit the same key so it will need a second <CodeGroup>,




Code:

<CodeGroup class="UnionCodeGroup"
version="1"
PermissionSetName="FullTrust"
Attributes="LevelFinal"
Name="nsoftware_Cybersource"
Descript[b][/b]ion="This code group grants code signed by nsoftware with full trust.">
<IMembershipCondition class="StrongNameMembershipCondition"
version="1"
PublicKeyBlob="00240000048000009400000006020000002400005253413100040000010001006DCD663194F6CFE925D8F0001477E0AB3BD1C33A7C720D496DAE148B3758B76E2EA2A5615634ABF3E8439314074560A61E2FC0F654DB3516D525D72ECF1B243A71C6432500BBA055AB99074BDB3F155A6A99B888F5F16D015B1895063E7DC78F2B21D77FC685EE9CC2EAC243EFEB1577C93470E8DC8354E2A4B1F5507EDA1EF2"

/>
</CodeGroup>


Or...if you do not use CyberSource then just delete the DLL from the bin directory.
Andy Miller
Structured Solutions

Shipper 3 - High Velocity Shipment Processing
CodeSine
#11 Posted : Thursday, September 28, 2006 12:14:02 PM(UTC)
CodeSine

Rank: Member

Joined: 11/18/2003(UTC)
Posts: 1,465

CyberSource is actually a stand alone provider - meaning it's not using nsoftware. That DLL is provided directly from CyberSource.
TIM

BVC Add-Ons and Development
Andy Miller
#12 Posted : Thursday, September 28, 2006 4:17:59 PM(UTC)
Andy Miller

Rank: Member

Joined: 11/5/2003(UTC)
Posts: 2,136

Was thanked: 1 time(s) in 1 post(s)
Originally Posted by: "CodeSine" Go to Quoted Post

CyberSource is actually a stand alone provider - meaning it's not using nsoftware. That DLL is provided directly from CyberSource.

Thank you. I heard back from /n software and they let me know the specific security permissions IBizPayWeb requires (UnmanagedCode and SkipVerification). Both of these permissions are included in FullTrust (but not MediumTrust or even HighTrust). So a host can either grant IBizPayWeb FullTrust as shown above or create a new PermissionSet with the additional security permissions. I sent instructions for how to do this to /n software. I'm hoping they create a KB article.


The authors of CyberSource inserted a demand for unrestricted access to about a dozen area (like Registry, Environment, etc). Unless they change this in a future release you will need to grant FullTrust to the CyberSource assembly as shown above (or to the entire site).
Andy Miller
Structured Solutions

Shipper 3 - High Velocity Shipment Processing
CodeSine
#13 Posted : Thursday, September 28, 2006 4:27:08 PM(UTC)
CodeSine

Rank: Member

Joined: 11/18/2003(UTC)
Posts: 1,465

Nice digging on the permissions Andy, we should definately add these to a BV KB as well. Also, if users are not using a certain gateway they can go into the Task Loader file and comment it/them out.
TIM

BVC Add-Ons and Development
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.

©2024 Develisys. All rights reserved.
  • Toll-free  888-665-8637
  • International  +1 717-220-0012