Monday, June 17, 2013

Godaddy - Medium Trust - MySql - Devart - System.Security.SecurityException

I have recently started encouraging my clients to use - for cost reasons... and had finished with the little tweaks needed to do so.

However, a couple months after the site was up we got a real friendly email from them:

Dear [member name],

We've got great news for you! Today, we finished migrating your hosting account, [], to a new server; you should start noticing improvements within 24 hours. Your visitors – they're really going to appreciate it!

The transition should've been seamless for you, unless your account hosts secondary domains or subdomains. If it does, you'll need to update their primary IP addresses (A records) with whoever controls the domain's DNS (typically the company you used to register your domain) to: ....


Unfortunately whatever changes occurred to "improve" things made my site go down.  After a bit of research into the "Security" errors I was getting from my code, I found out that they had moved us from a "full trust" environment to a "medium trust" environment.


System.Security.SecurityException: That assembly does not allow partially trusted callers.


Security Exception

Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file. 


What this means:

We cannot use reflection at all....

protected dbMyDataContext db = new dbMyDataContext();

However, I could not use MySql-Linq at all anymore in my applications.  I have read different solutions on how to fix this - all involving making changes to the config file for medium trust to allow certain things....  It had something to do with named pipes... or perhaps it used reflection... whatever it was - it was not permitted.

Most larger shared hosting providers (like Godaddy) do not allow customization of medium trust settings.

What works:

  • Connecting to MySql using MySql.Data.dll
  • Object Data Source to connect with data on the page using custom C# objects
  • Dlls that are written in .Net (like C#) and dont use reflection.... and dont reference anything that the medium trust restrictions prohibit
  • I (suspect) that Linq queries of xml files will work... Medium trust normally allows access to files in the website.
  • Telerik RadControls for ASP.NET AJAX work great!  I use them all over the place.  Just use code-behind to bind the grids instead of SqlDataSource.  And some pages (those with Telerik RadGrids) will need to inherit from Telerik.Web.UI.RadAjaxPage for medium trust.  

What Doesn't work:

  • Paypal Express (went back to Paypal Standard)
  • Devart Linq  (I just reverted back to standard MySql data provider - and removed all Linq)
  • SqlDataSource in asp pages... (You can build them in code behind though...)  This apparently uses reflection to bind to the data.  Grids, dropdowns and formviews need to be bound in code-behind... or using Object Data Source tags.
  • Many COTS dlls you may buy... Make sure you ask whether it will work in a medium trust environment out of the box without configuring the mediumtrust_web.config
I have heard that SqlDataSource will work in medium trust - IFF you use Sql Server, not MySql.  So far, I haven't tested this.

What it came down to is a serious re-factoring of my whole CMS to comply with Godaddy preferences..   I had to change all my Linq queries, and a lot of my Grid and FormView bindings to use code behind.

With binding of grids... had to do that in code behind... and using events triggered to methods in code behind.

I hope this helps some of you with similar issues.  If you need someone to help, contact me.

No comments:

Post a Comment