System.Security.SecurityException

Topics: ASP.NET 2.0
Jan 3, 2008 at 1:16 PM
Hi,
I have created a new blog site (using hosting 1and1). I ran into a few initial errors but fixed them using the forum (one was getting rid of the security level from the web.config), but now I getting the below error sparodically. It seems to happen every few refreshes (?) which is quite odd.

I have changed the folders to all have full permissions - just to ensure there is nothing funky going on with permissions...

Any ideas?? Please help. It seems others are having the problem too but no solution has worked for me.

I am using the latest (today) 1.3 build.


Server Error in '/z' Application.
--------------------------------------------------------------------------------

Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Source Error:


Line 17: private void BindMenu()
Line 18: {
Line 19: foreach (SiteMapNode adminNode in SiteMap.Providers"SecuritySiteMap".RootNode.ChildNodes)
Line 20: {
Line 21: if (adminNode.IsAccessibleToUser(HttpContext.Current))


Source File: e:\kunden\homepages\42\d182460763\z\admin\menu.ascx.cs Line: 19

Stack Trace:


SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) +0
System.Security.CodeAccessPermission.Demand() +59
System.IO.Path.GetFullPath(String path) +98
System.Web.Util.FileUtil.IsSuspiciousPhysicalPath(String physicalPath, Boolean& pathTooLong) +50
System.Web.Util.FileUtil.IsSuspiciousPhysicalPath(String physicalPath) +23
System.Web.CachedPathData.GetConfigPathData(String configPath) +465
System.Web.CachedPathData.GetConfigPathData(String configPath) +243
System.Web.CachedPathData.GetConfigPathData(String configPath) +243
System.Web.CachedPathData.GetConfigPathData(String configPath) +243
System.Web.CachedPathData.GetConfigPathData(String configPath) +243
System.Web.CachedPathData.GetVirtualPathData(VirtualPath virtualPath, Boolean permitPathsOutsideApp) +132
System.Web.HttpContext.GetPathData(VirtualPath path) +3379658
System.Web.Security.UrlAuthorizationModule.IsUserAllowedToPath(HttpContext context, VirtualPath virtualPath) +132
System.Web.UI.Util.IsUserAllowedToPath(HttpContext context, VirtualPath virtualPath) +101
System.Web.SiteMapProvider.IsAccessibleToUser(HttpContext context, SiteMapNode node) +367
System.Web.SiteMapNode.IsAccessibleToUser(HttpContext context) +14
System.Web.StaticSiteMapProvider.GetChildNodes(SiteMapNode node) +348
System.Web.SiteMapNode.get_ChildNodes() +23
admin_menu.BindMenu() in e:\kunden\homepages\42\d182460763\z\admin\menu.ascx.cs:19
adminmenu.PageLoad(Object sender, EventArgs e) in e:\kunden\homepages\42\d182460763\z\admin\menu.ascx.cs:14
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +15
System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +34
System.Web.UI.Control.OnLoad(EventArgs e) +99
System.Web.UI.Control.LoadRecursive() +47
System.Web.UI.Control.LoadRecursive() +131
System.Web.UI.Control.LoadRecursive() +131
System.Web.UI.Control.LoadRecursive() +131
System.Web.UI.Control.LoadRecursive() +131
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +6953
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +154
System.Web.UI.Page.ProcessRequest() +86
System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) +18
System.Web.UI.Page.ProcessRequest(HttpContext context) +49
ASP.archiveaspx.ProcessRequest(HttpContext context) in AppWeb_u9qdqayh.10.cs:0
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +154
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +64




--------------------------------------------------------------------------------
Version Information: Microsoft .NET Framework Version:2.0.50727.42; ASP.NET Version:2.0.50727.210
Jan 29, 2008 at 5:02 AM
Edited Jan 30, 2008 at 8:28 PM


tank104 wrote:
Hi,
I have created a new blog site (using hosting 1and1). I ran into a few initial errors but fixed them using the forum (one was getting rid of the security level from the web.config), but now I getting the below error sparodically. It seems to happen every few refreshes (?) which is quite odd.

I have changed the folders to all have full permissions - just to ensure there is nothing funky going on with permissions...

Any ideas?? Please help. It seems others are having the problem too but no solution has worked for me.

I am using the latest (today) 1.3 build.


did you find a solution?
I used a work around from a similar post:

try
{
foreach (SiteMapNode adminNode in SiteMap.Providers"SecuritySiteMap".RootNode.ChildNodes)
{
<the rest of the loops content>
]
}
catch {}
regards,
HPP
Jan 29, 2008 at 8:13 PM
Yeah I did manage to fix it - I put a "try ..catch" around it and also I think blog roll.

All seems to be working well which is great news.

Not sure what the try...capture{} is but assume you mean try.. catch{}

Thanks mate!
Jan 30, 2008 at 8:32 PM
Edited Jan 30, 2008 at 8:33 PM


tank104 wrote:

Not sure what the try...capture{} is but assume you mean try.. catch{}



oops. fixed it.
I think I first did the try..catch{} in the blogroll.cs file based on the forum.. is that why my blogroll list is not showing up??
do you know if there was a fix to avoid doing the try...catch{} in blogroll?
thanks.