현재> 20090112 : google search key word : wpf , trust , trustnotgranted (exception) .netframeword , net35 trust , browser application , wpf web , etc
1. 일단 .netframework 3.5 에서 작업하던것을 => .net3.0 으로 downgrade 한다.
--> net35 에서 hellow word 조차 안뜨던것이 net30 에서는 뜬다. 성공이다. 코딩을 다시 엎는다.
2. http://social.msdn.microsoft.com/Forums/en-US/csharpgeneral/thread/61d928fe-d6b3-45b7-bf58-f847083b87f1/
* SpeechLib 와 Trush 에 관한 내용이 있는대 이렇타.
1)[Hi,I incorporated the SpeechLib into my C# web project (to read captcha text to the user), but on uploading it to my shared host - godaddy - running medium trust. I get a security error.Does anyone know of a work around or an alternative?Thanks!]
지금 Speechlib 를 이용하여 , web browser 프로그램을 만들고 있는대, security 에러(예외) 등이 발생해서 진행이 안된다. , ( 지금 저의 현상과 아주 똑같음 )
2)[You won't be able to do this. If GoDaddy has a medium trust, and your SpeechLib requires full trust, then you'll need either:1. Your own server.2. A different library. Most host sites restrict permissions to protect their own servers from crashing/etc. If the Microsoft Speech API won't run without full trust, then then you'll have to have them grant it full trust, which they probably won't do, because they want to keep the other sites for their other subscribers happily running. You might be able to create some kind of Windows client for your viewers to download, which would allow them to read your content, but keep in mind that your users will need to grant the assembly full trust as well. ]
David Morton - http://blog.davemorton.net/
답변 : 지금 그대로 사용하면 안되며, speechlib 는 full trust 가 필요한대, 이렇게 하면 될것이다.
1. 서버를 가져라 ==> 설정을 마음대로 바꿀수 있는 서버 정도 될것이다.
2. 라이브러리를 바꿔라 ... ==> 사실 공개 라이브러리밖에 못쓰는 사용자는 어떻하란 말인가.
: SpeechLib 는 full trust 아니면 실행이 안된다고 하는대 , 아마 full trust 설정을 못할것이다..
따라서 굳이 speechlib 를 이용하려면, WindowApplication 프로그램을 만들어서 ,
사용자(end user) 가 download 를 해서 사용하게끔 만들면될꺼다....... 라는대... (이건 필자가 원하는것이 아니다. 필자는 web brower 에서 실행되는 speech lib 를 원한다. )
20090112 : 출처.
Creating A Full Trust WPF Web Browser (.xbap) Application http://www.davidezordan.net/blog/?p=106
If your application needs Full Trust with a self-generated certificate, remember to install it in the Trusted Root Certificate Authority
& >http://scorbs.com/2007/01/10/xbap-trust-levels : Trust Levels
덧글로 추가함
-- more --
덧글로 하고, 다 되면, 다시 수정해서 정리함.
댓글 3개:
특정 lib 를 가져와 쓸때 Trust Not Granted 메시지 발생
필자는 - using SpeechLib; 에서 에러
: Component 에서, Add ref : Microsoft Speech Object 를 가져올때는 발생하지 않음.
이 덧글의 내용은 http://scorbs.com/2007/01/10/xbap-trust-levels 에거 발췌한것임 :
[XBAP & Trust Levels]
* XAML Browser Applications (XBAPs) in this version are promptless in-browser experiences.
This has many implications:
clean experience when navigating to an XBAP. (There is no Information Bar or security warning before launching the app.)
cached (not installed) on the user’s machine.
security sandbox.
[Sandboxed Applications ]
The third bullet above is especially important for XBAP developers. XBAPs obey the security contract of being in the browser: they are sandboxed according to their deployment zone. Today, there is no way to seamlessly “elevate” and prompt the user for additional permissions. (This is an often-requested feature and something we are investigating for future versions.) The sandboxed restriction also means that XBAP developers need to be conscious of the bounds of the security sandbox as they develop their app. (See previous post.)
Note: By default, all XBAPs request the Internet Zone permission set in their application manifest. In V1, there is no significant difference between the Internet & Intranet permission sets.
[“I want my XBAP to run with full trust. I heard there are workarounds..?” ]
Given the sandbox restrictions and the wide range of experiences desired in the browser, this is not surprisingly a frequently asked question about XBAPs.
If you want full trust, you should first consider building a standalone installed WPF application. These by default run in full trust and can be deployed using ClickOnce, giving many of the deployment benefits of a browser application.
If your scenario requires that you’re an XBAP, there is no built-in way for XBAPs to prompt and request more permissions. That being said, XBAPs are ClickOnce applications behind the scenes. That means it is possible to use ClickOnce-based methods to gain access to trusted actions. There are two main options:
1. Install an AllowPartiallyTrustedCallersAttribute’d (APTCA)assembly in to the client’s Global Assembly Cache (GAC). Use this full trust assembly to proxy calls for the XBAP.
2. Install a certificate in to the user’s trusted publisher’s store. Use ClickOnce trusted application deployment by signing the XBAP with the certificate.
[Neither of these workarounds are ideal from a security standpoint, but we believe the latter is the better option. ]
GAC’d APTCA assemblies are accessible to ALL partial trust callers and therefore are susceptible to repurposing by 3rd parties. There are ways to mitigate this exposure – for instance, one could use the [InternalsVisibleTo] attribute to only expose methods to specific “friend” XBAP assemblies. However, mistakes or incomplete usage of this mitigation could potentially open wide security holes. In addition, the management of installed APTCA assemblies is very end-user unfriendly.
For intranet XBAPs, pushing out a trusted publisher certificate through group policy is a fine way of enabling LOB scenarios.
However, for consumer scenarios, trusted deployment via trusted publisher certs has its drawbacks. This is because it affects more than just XBAP deployment: many trust decisions prompts are bypassed for trusted publishers. Still, this workaround has the advantage of being scoped to the specific publisher.
For V1 consumer XBAPs, we make the following recommendations:
1. Be sure your app needs to be an XBAP. (Can it be a full trust standalone ClickOnce application?)
2. Trusted app deployment is preferred of the two workarounds.
3. Use a separate cert to sign each XBAP group. Otherwise, a user who decides to trust one set of XBAP will implicitly agree to trust all XBAPs (& ActiveX controls, etc) signed with that certificate. This scopes the security impact (and responsibility) of any particular certificate.
4. Use an MSI to install the cert. This ensures installation is consistent with the configured security installation settings on the client machine (e.g. requiring Admin rights).
5. Install the cert into the user’s trusted publisher store, not the machine’s. This reduces the machine decisions that the trusted publisher cert can impact.
6. Clearly notify the user at installation that they are changing the user’s trusted publisher store.
7. Provide clear installation instructions on the page containing the XBAP. If the cert is not installed and the XBAP requests full trust, a “Trust Not Granted” error is shown.
Please use the above method with extreme care. We’re exploring changing XBAP elevation to work better in future versions. Your feedback in this area, as always, is appreciated.
[Other FAQs ]
How did you implement the sandbox?
The XBAP sandbox is based on the .NET Framework security model: Code Access Security. In this model, permissions gate the actions that a particular app can do (i.e. FileIOPermission controls file system access). What permissions are granted depends on what deployment zone an application is deployed from. A detailed explanation on our implementation strategy can be found in the WPF Sandbox Whitepaper.
When will you be expanding the sandbox?
We’ve had a lot of requests for specific features to be brought in to the Internet sandbox. Currently, we’re exploring plans for our next version. We would love feedback if there is a non-sandboxed feature that is blocking you. Please leave comments on this blog post or send requests to wpfsec at microsoft dot com.
/////--------------------------------------------------------------------------------------
/////--------------------------------------------------------------------------------------
/////--------------------------------------------------------------------------------------
/////--------------------------------------------------------------------------------------
/////--------------------------------------------------------------------------------------
re : slyi
Is there any definaitive answer on the xbap cookie access as it causing much confusion see http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=1016463&SiteID=1
re : j
Is there any support for WCF in XBAP apps yet? Or is it just not going to happen?
re : Bill
Please add support for bitmap effects in XBAP. Not having them has been frustrating for graphics design. Thanks!
re : Chad Campbell
Great post. I look forward to XBAP support for WCF.
re : Brian
Can I purchase a cert from Verisign and use it to sign my app? Thereby skipping the step where I need to install a trusted cert in the user’s personal store?
re : Karen
Brian,
No - VeriSign is a trusted root certification authority. That means that a user trusts that a cert from VeriSign actually represents the person it says it does. (Bob gets a cert from VeriSign. User trusts that the cert is actually Bob’s cert, because it trusts Verisign who issued the cert.)
A user still need to install the cert in to the trusted publishers store for the user in order to trust that publisher.
Hope that made sense!
Karen
re : Ruurd Boeke
Hi,
I have a full trust xbap that will run fine. It will throw an exception as soon as it hits code that will modify the registry. I would have thought that having full trust would fix that. ( this if for a corporate intranet application).
Could you give a hint about where to look?
Kind regards,
Ruurd Boeke
re : Karen
XBAPs are click once applications. They run as non-admin processes… My suspicion is you’re trying to modify HKCU
re : Guy
I’ve got this problem with xbap can anyone figure out what can be wrong and how could it be that xbap work only in anew instance of IE ????
http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=2057135&SiteID=1
Thank a lot.
re : Alvin B
I would like my xbap to write back to the browser accessing the DOM model and Javascript. Reason: My app would now be able to chain events from the XBAP to the browser. Note, this is possible today using managed user controls and the appropriate interfaces so the feature release would not open any hole.
re : Philipp
Hi Karen,
Thanks for the great post. I have a related question. I have already put a lot of time into coding a Windows Forms control which is hosted in a webpage via the tag. But I recently wanted to upgrade it with a WPF control so I tried to add an instance of ElementHost to my control. But the ElementHost’s constructor fails with a “Request failed.” exception. I have given my control FullTrust.
Do you know if this is possible? Do I have to assert a security permission? Or must I rewrite the control from scratch as an XBAP?
Thanks!
re : Eric
Hi Karen
Excellent post! Can you please elaborate in the first workaround?
“Install an AllowPartiallyTrustedCallersAttribute’d (APTCA) assembly in to the client’s Global Assembly Cache (GAC). Use this full trust assembly to proxy calls for the XBAP.”
I am working with an xbap application in Visual Studio 2008. I installed an APTCA assembly in the client’s GAC like you indicated but when I try to run my code I get the following exception:
System.Security.SecurityException: Request for the permission of type ‘System.Security.Permissions.FileIOPermission
Thanks in advance
출처 : http://1and0.tistory.com/tag/%EC%9D%B8%EC%A6%9D%EC%84%9C
..////////////////////////////////
인증서 파일을 업체에서 받으면
mycert.pvk 파일과 mycert.spc 파일 두 가지가 온다.
프로그래밍을 하다 보면 다른 인증 파일이 필요할 경우가 있는데
이때는 이 두가지 파일로 변환이 가능하다.
mycert.pvk -> mycert.cer
makecert -sv "mycert.pvk" -n "CN=mycorp.com" mycert.cer
mycert.cer -> mycert.spc
cert2spc mycert.cer mycert.spc
mycert.pvk, mycert.spc -> mycert.pfx
pvk2pfx.exe -pvk mycert.pvk -spc mycert.spc [-pfx mycert.pfx]
pvkimprt -PFX "mycert.pfx "mycert.spc" "mycert.pvk"
MS 의 정책에 따라 Assembly를 배포할 때는 추가적으로 필요한 것들이 있다.
publicKeyToken 생성
publicKeyToken은 Assembly Manifest를 작성할때 사용되는 값이다.
pktextract.exe mycert.cer
cdf 파일 생성
manifest의 유효성을 증명하는 보안 카탈로그의 내용을 서술하는 .cdf 파일 생성
manifest 파일에 SHA-1 hash를 추가한다.
mt.exe -manifest myassembly.manifest -hashupdate -makecdfs
어셈블리의 보안 카탈로그 생성
makecat.exe myassembly.manifest.cdf
인증된 카탈로그 파일을 사인
signtool sign /f mycert.pfx [/p pw] /du http://www.mycompany.com/myassembly /t http://timestamp.verisign.com/scripts/timestamp.dll myassembly.cat
댓글 쓰기