Login | Register   
Twitter
RSS Feed
Download our iPhone app
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX


advertisement
 

Using Enterprise Library in ASP.NET 2.0 Partial Trust Mode

The Enterprise Library Application Blocks aren't useful only in Windows Forms applications; you can use them in ASP.NET too by downloading a set of patch files and configuring the security settings appropriately. Find out how.


advertisement
lthough originally envisaged as a product for use in Windows Forms (executable) applications, Enterprise Library is proving popular with Web application developers as well. For example, the Data Access Application Block, the Cryptography Application Block, the Exception Handling Application Block, and the Logging Application Block provide useful features that can considerably simplify development of complex applications. Some blocks, such as the Caching Application Block, contain features that are also supported directly by ASP.NET; however these can sometimes prove useful in specific scenarios. For example, unlike the ASP.NET Caching mechanism, the Caching Application Block allows the simultaneous use of both a sliding and an absolute expiration time for cached values. The Security Application Block also offers a more flexible approach for features such as authorization and security credential caching than ASP.NET if you need to roll your own mechanisms.

The main issue in the past has been that many features of Enterprise Library work only in Full Trust mode, whereas many Web applications must run in lower trust modes. In particular, Medium Trust is a popular choice, because it limits the permissions of many features of ASP.NET and the .NET Framework that could compromise operations, while still not limiting the functionality of the code too severely. To resolve this issue, the Microsoft patterns & practices (p& p) group has released a patch for Enterprise Library that lets you use it more easily in partial trust mode. The patch replaces some of the Enterprise Library source code to change its behaviors, including:

  • Removal of most assembly-level permission demands. The default installation of Enterprise Library—January 2006 version—makes demands for all the permissions required for a block at the assembly level, which causes loading of that assembly to fail in non-Full Trust scenarios. The patched version allows assemblies to load—but you are then responsible for writing code that fails gracefully when a code access security exception arises. This occurs only in a few isolated places, such as instrumentation calls that write to the Event Log.
  • Permission demands defined within the code. Where code within Enterprise Library requires additional permissions, the demands are implemented within the code at that point (either in Enterprise Library code or in the base .NET class libraries), and limited to the features that require the permissions. Therefore, security exceptions will arise only when those particular code sections execute.
  • Graceful performance degradation. Where possible, code that demands permissions fails gracefully when the requested permissions cannot be granted, instead of generating an outright failure. For example, if the Logging Application Block is unable to call the API that provides information about the current process, the process information is simply left out of the message it generates and logs.
Author's Note: The patch does not add the AllowPartiallyTrustedCallersAttribute to the Enterprise Library assemblies. As a result, it does not support situations where a partially trusted application attempts to use the Enterprise Library blocks and code as fully trusted. The patch does support situations where both the application and the Enterprise Library are running under partial trust.

Obtaining and Installing the Partial Trust Patch
To obtain the Partial Trust Patch, you must join the community at the GotDotNet Web site. Follow the Patches link and download the zip file for Partial Trust Patch (2554). The zip file contains the updated source code files only, so you must copy them over the existing files in your Enterprise Library source installation, and then recompile it.


Author's Note: Applying the patch overwrites a number of existing source files with new versions. If you have modified the Enterprise Library source code or unit tests to suit your own specific requirements, you must manually reconcile your changes with the changes included in the patch. Therefore, you should back up your original source code before applying the patch, and use a tool such as the Windiff utility to determine which files are different from the original files to ensure your changes are not overwritten by files included in the patch. You should run the suite of unit tests after applying the patch to ensure that the modified library still compiles and runs correctly.

To apply the patch, extract the files from the zip file, maintaining the folder structure within it, and then copy the Src and UnitTests folders over the existing Src and UnitTests folders installed with Enterprise Library. The default installation location for Enterprise Library is %Program Files%\Microsoft Enterprise Library January 2006. After copying the new files, run the "Build Enterprise Library" and "Copy Assemblies to bin Folder" utilities from the Enterprise Library section of your Start menu to recompile all the source code and then copy the updated assemblies into the runtime bin folder. Ensure that the recompilation runs without reporting any errors.

The patch zip file contains an HTML document that describes the patch in detail, and lists the blocks and features that require special permissions when running in any mode other than Full Trust. The patches affect selected features of all six blocks, plus the configuration system and the instrumentation built into Enterprise Library. The tables at the end of the HTML document list and describe the affected features, and show the permission you must grant for each one. The document also lists known issues for the patch. For an overview of Enterprise Library and details of the installation and initial configuration process, see the article "An Introduction to Enterprise Library."



Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Sitemap