Hibernate version:1.2.0.2003?
Hi all, I like so many others am suffering from Medium trust woes. I have all of the suggestions from the form and played the Google game. I just can't seem to get to get past the security errors!
I solved one issue by killing the reflection optimizer. Now I've moved on to a different error.
Here is the exception I get:
Code:
Server Error in '/test' Application.
Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
Source Error:
[No relevant source lines]
Source File: App_Web_ao3q3d-c.1.cs Line: 0
Stack Trace:
[SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.]
MikeSite.Data.NHibernateSessionManager.get_threadSession() in NHibernateSessionManager.cs:200
MikeSite.Data.NHibernateSessionManager.GetSession(IInterceptor interceptor) in NHibernateSessionManager.cs:100
MikeSite.Data.NHibernateSessionManager.GetSession() in NHibernateSessionManager.cs:91
MikeSite.Data.GenericNHibernateDao`2.get_session() in GenericNHibernateDao.cs:19
MikeSite.Data.GenericNHibernateDao`2.GetByCriteria(ICriterion[] criterion) in GenericNHibernateDao.cs:56
MikeSite.Data.GenericNHibernateDao`2.GetAll() in GenericNHibernateDao.cs:47
MikeSite.Web.Controllers.GoogleMap.GoogleMapController.GetAllRoutes() in GoogleMapController.cs:62
MikeSite.Web.Controllers.GoogleMap.GoogleMapController.GetClientData(String rollbackFilename) in GoogleMapController.cs:23
TestSolution.Resources.User_Controls.BaseGoogleMap.GoogleMap.Page_Load(Object sender, EventArgs e) in GoogleMap.ascx.cs:48
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +15
System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +34
System.Web.UI.Control.OnLoad(EventArgs e) +99
System.Web.UI.Control.LoadRecursive() +47
System.Web.UI.Control.LoadRecursive() +131
System.Web.UI.Control.LoadRecursive() +131
System.Web.UI.Control.LoadRecursive() +131
System.Web.UI.Control.LoadRecursive() +131
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +6953
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +154
System.Web.UI.Page.ProcessRequest() +86
System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) +18
System.Web.UI.Page.ProcessRequest(HttpContext context) +49
ASP.pages_googlemaptest_aspx.ProcessRequest(HttpContext context) in App_Web_ao3q3d-c.1.cs:0
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +154
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +64
Version Information: Microsoft .NET Framework Version:2.0.50727.42; ASP.NET Version:2.0.50727.210
I can't really tell where in NHibernate it's happening. Do I need to compile NHibernate into a debug mode in order to find out which line is causing security chaos?
I've tried editing my web.config to mimic what some of the other posters have posted in their help requests, but that has not seemed to make any headway.
Here is my web.config: (Specifics have been removed for security)Code:
<configSections>
<section name="nhibernate" type="System.Configuration.NameValueSectionHandler, System, Version=1.0.5000.0,Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<section name="log4net"
type="log4net.Config.Log4NetConfigurationSectionHandler, log4net"
requirePermission="false" />
</configSections>
<appSettings>
<add key="HBM_ASSEMBLY" value="MikeSite.Core"/>
</appSettings>
<nhibernate>
<add key="hibernate.connection.provider" value="NHibernate.Connection.DriverConnectionProvider" />
<add key="hibernate.dialect" value="NHibernate.Dialect.MsSql2000Dialect" />
<add key="hibernate.connection.driver_class" value="NHibernate.Driver.SqlClientDriver" />
<add key="hibernate.connection.connection_string"
value="Data Source=p3swhsql-v03.shr.phx3.secureserver.net;Initial Catalog=DB_****;User ID=*****;Password=****;" />
<!--<add key="hibernate.connection.isolation" value="ReadCommitted" />-->
<!--<add key="hibernate.default_schema" value="DB_1004316.dbo" />-->
<!-- Important under Medium Trust -->
<add key="hibernate.use_reflection_optimizer" value="False" />
<!-- Important under Medium Trust -->
<add key="hibernate.bytecode.provider" value="null" />
</nhibernate>
I guess it couldn't hurt posting my custom http handler that creates the session:Code:
using System;
using System.Collections.Generic;
using System.Runtime.Remoting.Messaging;
using System.Text;
using NHibernate;
using NHibernate.Cache;
using System.Web;
using System.Data;
using System.Configuration;
namespace MikeSite.Data
{
/// <summary>
/// Handles creation and management of sessions and transactions. It is a singleton because
/// building the initial session factory is very expensive. Inspiration for this class came
/// from Chapter 8 of Hibernate in Action by Bauer and King. Although it is a sealed singleton
/// you can use TypeMock (http://www.typemock.com) for more flexible testing.
/// </summary>
public sealed class NHibernateSessionManager : IHttpModule
{
#region Thread-safe, lazy Singleton
/// <summary>
/// This is a thread-safe, lazy singleton. See http://www.yoda.arachsys.com/csharp/singleton.html
/// for more details about its implementation.
/// </summary>
public static NHibernateSessionManager Instance
{
get
{
return Nested.nHibernateSessionManager;
}
}
/// <summary>
/// Initializes the NHibernate session factory upon instantiation.
/// </summary>
private NHibernateSessionManager()
{
InitSessionFactory();
}
/// <summary>
/// Assists with ensuring thread-safe, lazy singleton
/// </summary>
private class Nested
{
static Nested() { }
internal static readonly NHibernateSessionManager nHibernateSessionManager = new NHibernateSessionManager();
}
#endregion
private void InitSessionFactory()
{
NHibernate.Cfg.Configuration cfg = new NHibernate.Cfg.Configuration();
// The following makes sure the the web.config contains a declaration for the HBM_ASSEMBLY appSetting
if (ConfigurationManager.AppSettings["HBM_ASSEMBLY"] == null ||
ConfigurationManager.AppSettings["HBM_ASSEMBLY"] == "")
{
throw new ConfigurationErrorsException("NHibernateManager.InitSessionFactory: \"HBM_ASSEMBLY\" must be " +
"provided as an appSetting within your config file. \"HBM_ASSEMBLY\" informs NHibernate which assembly " +
"contains the HBM files. It is assumed that the HBM files are embedded resources. An example config " +
"declaration is <add key=\"HBM_ASSEMBLY\" value=\"MyProject.Core\" />");
}
cfg.AddAssembly(System.Configuration.ConfigurationManager.AppSettings["HBM_ASSEMBLY"]);
sessionFactory = cfg.BuildSessionFactory();
}
/// <summary>
/// Allows you to register an interceptor on a new session. This may not be called if there is already
/// an open session attached to the HttpContext. If you have an interceptor to be used, modify
/// the HttpModule to call this before calling BeginTransaction().
/// </summary>
public void RegisterInterceptor(IInterceptor interceptor)
{
ISession session = threadSession;
if (session != null && session.IsOpen)
{
throw new CacheException("You cannot register an interceptor once a session has already been opened");
}
GetSession(interceptor);
}
public ISession GetSession()
{
return GetSession(null);
}
/// <summary>
/// Gets a session with or without an interceptor. This method is not called directly; instead,
/// it gets invoked from other public methods.
/// </summary>
private ISession GetSession(IInterceptor interceptor)
{
ISession session = threadSession;
if (session == null)
{
if (interceptor != null)
{
session = sessionFactory.OpenSession(interceptor);
}
else
{
session = sessionFactory.OpenSession();
}
threadSession = session;
}
return session;
}
public void CloseSession()
{
ISession session = threadSession;
threadSession = null;
if (session != null && session.IsOpen)
{
session.Close();
}
}
public void BeginTransaction()
{
ITransaction transaction = threadTransaction;
if (transaction == null)
{
transaction = GetSession().BeginTransaction();
threadTransaction = transaction;
}
}
public void CommitTransaction()
{
ITransaction transaction = threadTransaction;
try
{
if (transaction != null && !transaction.WasCommitted && !transaction.WasRolledBack)
{
transaction.Commit();
threadTransaction = null;
}
}
catch (HibernateException ex)
{
RollbackTransaction();
throw ex;
}
}
public void RollbackTransaction()
{
ITransaction transaction = threadTransaction;
try
{
threadTransaction = null;
if (transaction != null && !transaction.WasCommitted && !transaction.WasRolledBack)
{
transaction.Rollback();
}
}
catch (HibernateException ex)
{
throw ex;
}
finally
{
CloseSession();
}
}
private ITransaction threadTransaction
{
get
{
return (ITransaction)CallContext.GetData("THREAD_TRANSACTION");
}
set
{
CallContext.SetData("THREAD_TRANSACTION", value);
}
}
private ISession threadSession
{
get
{
return (ISession)CallContext.GetData("THREAD_SESSION");
}
set
{
CallContext.SetData("THREAD_SESSION", value);
}
}
private ISessionFactory sessionFactory;
#region IHttpModule Members
public void Dispose()
{
}
public void Init(HttpApplication context)
{
}
#endregion
}
}
Any insights will greatly helpful. I've been working with GoDaddy on this and well to say it plain and simple, they suck. Please let me know if there is any more information that I can provide to help troubleshoot. Thanks!
Mike
EDIT:
I tried adding in more components from other poster's web.config setups to see if my configuration is at fault. I changed the section part of the web.config to:
Code:
<section name="nhibernate"
type="System.Configuration.NameValueSectionHandler, System, Version=1.0.5000.0,Culture=neutral, PublicKeyToken=b77a5c561934e089"
requirePermission="false" />
However this crashes the app with a configuration error. Says: Section or group name 'nhibernate' is already defined. Updates to this may only occur at the configuration level where it is defined.
I'm starting to get angry at this. I just don't see where the problem lies!
EDIT #2:
Figured it out finally! In my session manager I was using CallContext. After tracing the stack down to places where I thought it was crashing I was able to figure out it was in the getter for the session. At this point I just Googled up "CallContext medium trust" and actually found a post about that here in the forum. Changed it to HTTPContext and it seems to have be working. Let me know if you think this fix is adequate.