MVC 3 Medium Trust

Question

MVC 3 Medium Trust

sweeperq opened this issue 14 years ago · 29 comments

Having an issue getting Ninject.Web.Mvc to work in Medium Trust. "UseReflectionBasedInjection" is set to true as a parameter during the creation of the kernel, but am getting the following error:

System.Security.SecurityException

Attempt by method 'Ninject.Web.Mvc.Validation.NinjectDataAnnotationsModelValidatorProvider.GetValidators(System Web.Mvc.ModelMetadata, System.Web.Mvc.ControllerContext, System.Collections.Generic.IEnumerable`1)' to access method 'System.Web.Mvc.DataAnnotationsModelValidator.get_Attribute()' failed.

Answer 1 · 2011-03-09T16:58:52.000Z

It seems this requires a configuration to disable the support for the injection of ValidationAttributes.

Answer 2 · 2011-03-09T18:04:24.000Z

Thank you for the response remogloor. I see the issue has been marked as closed. Could you elaborate a little more on your statement above? Does such a configuration already exist? If so, where?

Does this mean that Validation Attributes we decorate our classes with will not be supported if the class is instantiated by injection in a Medium Trust environment?

Answer 3 · 2011-03-09T18:13:06.000Z

Oh sorry. I didn't want to close this topic. There is no such configuration yet. This has to be added. After this change Validation Attributes are still supported. But injection into validation attributes is not support anymore.

Answer 4 · 2011-03-09T18:17:30.000Z

Thank you for the clarification.

Answer 5 · 2011-03-22T09:19:16.000Z

hi - any idea when a fix for this might be available? I don't want to switch to Unity to get DI working in medium trust if i can help it :)

Answer 6 · 2011-03-22T10:02:52.000Z

This is planned for the next release. I can't give you any ETA at the moment. But we are hard working towards this release. If you need it before you are still welcome to fork the sources and fix the problem yourself. If you need help with doing so I'll try to assist you.

Answer 7 · 2011-03-22T10:12:36.000Z

thanks for the response remogloor - i'll take a look at the src and see what i can do

Answer 8 · 2011-05-04T14:02:19.000Z

I've modified CreateKernel as per other info sources :

private static IKernel CreateKernel()
{
    var kernel = new StandardKernel(new NinjectSettings { UseReflectionBasedInjection = true });
    RegisterServices(kernel);
    return kernel;
}

but still I get :

System.Security.SecurityException was unhandled by user code
Message=Request for the permission of type 'System.Security.Permissions.ReflectionPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
Source=mscorlib
StackTrace:
at System.Security.CodeAccessSecurityEngine.SpecialDemand(PermissionType whatPermission, StackCrawlMark& stackMark)
at System.Security.CodeAccessPermission.Demand(PermissionType permissionType)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
at Ninject.Infrastructure.Language.ExtensionsForMemberInfo.GetParentDefinition(MethodInfo method, BindingFlags flags) in c:\Projects\Ninject\ninject\src\Ninject\Infrastructure\Language\ExtensionsForMemberInfo.cs:line 145
at Ninject.Infrastructure.Language.ExtensionsForMemberInfo.GetParentDefinition(PropertyInfo property) in c:\Projects\Ninject\ninject\src\Ninject\Infrastructure\Language\ExtensionsForMemberInfo.cs:line 126
at Ninject.Infrastructure.Language.ExtensionsForMemberInfo.IsDefined(PropertyInfo element, Type attributeType, Boolean inherit) in c:\Projects\Ninject\ninject\src\Ninject\Infrastructure\Language\ExtensionsForMemberInfo.cs:line 162
at Ninject.Infrastructure.Language.ExtensionsForMemberInfo.HasAttribute(MemberInfo member, Type type) in c:\Projects\Ninject\ninject\src\Ninject\Infrastructure\Language\ExtensionsForMemberInfo.cs:line 50
at Ninject.Selection.Heuristics.StandardInjectionHeuristic.ShouldInject(MemberInfo member) in c:\Projects\Ninject\ninject\src\Ninject\Selection\Heuristics\StandardInjectionHeuristic.cs:line 47
at Ninject.Selection.Selector.<>c__DisplayClass3.b__2(IInjectionHeuristic h) in c:\Projects\Ninject\ninject\src\Ninject\Selection\Selector.cs:line 92
at System.Linq.Enumerable.Any[TSource](IEnumerable1 source, Func2 predicate)
at Ninject.Selection.Selector.b__1(PropertyInfo p) in c:\Projects\Ninject\ninject\src\Ninject\Selection\Selector.cs:line 92
at System.Linq.Enumerable.WhereEnumerableIterator1.MoveNext() at System.Collections.Generic.List1.InsertRange(Int32 index, IEnumerable1 collection) at System.Collections.Generic.List1.AddRange(IEnumerable1 collection) at Ninject.Selection.Selector.SelectPropertiesForInjection(Type type) in c:\Projects\Ninject\ninject\src\Ninject\Selection\Selector.cs:line 89 at Ninject.Planning.Strategies.PropertyReflectionStrategy.Execute(IPlan plan) in c:\Projects\Ninject\ninject\src\Ninject\Planning\Strategies\PropertyReflectionStrategy.cs:line 60 at Ninject.Planning.Planner.<>c__DisplayClass3.<GetPlan>b__1(IPlanningStrategy s) in c:\Projects\Ninject\ninject\src\Ninject\Planning\Planner.cs:line 68 at Ninject.Infrastructure.Language.ExtensionsForIEnumerableOfT.Map[T](IEnumerable1 series, Action1 action) in c:\Projects\Ninject\ninject\src\Ninject\Infrastructure\Language\ExtensionsForIEnumerableOfT.cs:line 23 at Ninject.Planning.Planner.GetPlan(Type type) in c:\Projects\Ninject\ninject\src\Ninject\Planning\Planner.cs:line 68 at Ninject.Activation.Context.Resolve() in c:\Projects\Ninject\ninject\src\Ninject\Activation\Context.cs:line 180 at Ninject.KernelBase.<Resolve>b__7(IContext context) in c:\Projects\Ninject\ninject\src\Ninject\KernelBase.cs:line 375 at System.Linq.Enumerable.<>c__DisplayClass123.b__11(TSource x)
at System.Linq.Enumerable.WhereSelectEnumerableIterator2.MoveNext() at System.Linq.Enumerable.SingleOrDefault[TSource](IEnumerable1 source)
at Ninject.Planning.Targets.Target1.GetValue(Type service, IContext parent) in c:\Projects\Ninject\ninject\src\Ninject\Planning\Targets\Target.cs:line 179 at Ninject.Planning.Targets.Target1.ResolveWithin(IContext parent) in c:\Projects\Ninject\ninject\src\Ninject\Planning\Targets\Target.cs:line 147
at Ninject.Activation.Providers.StandardProvider.GetValue(IContext context, ITarget target) in c:\Projects\Ninject\ninject\src\Ninject\Activation\Providers\StandardProvider.cs:line 97
at Ninject.Activation.Providers.StandardProvider.<>c__DisplayClass2.b__1(ITarget target) in c:\Projects\Ninject\ninject\src\Ninject\Activation\Providers\StandardProvider.cs:line 81
at System.Linq.Enumerable.WhereSelectArrayIterator2.MoveNext() at System.Linq.Buffer1..ctor(IEnumerable1 source) at System.Linq.Enumerable.ToArray[TSource](IEnumerable1 source)
at Ninject.Activation.Providers.StandardProvider.Create(IContext context) in c:\Projects\Ninject\ninject\src\Ninject\Activation\Providers\StandardProvider.cs:line 81
at Ninject.Activation.Context.Resolve() in c:\Projects\Ninject\ninject\src\Ninject\Activation\Context.cs:line 157
at Ninject.KernelBase.b__7(IContext context) in c:\Projects\Ninject\ninject\src\Ninject\KernelBase.cs:line 375
at System.Linq.Enumerable.<>c__DisplayClass123.<CombineSelectors>b__11(TSource x) at System.Linq.Enumerable.WhereSelectEnumerableIterator2.MoveNext()
at System.Linq.Enumerable.d__b11.MoveNext() at System.Linq.Enumerable.Single[TSource](IEnumerable1 source)
at Ninject.ResolutionExtensions.Get[T](IResolutionRoot root, IParameter[] parameters) in c:\Projects\Ninject\ninject\src\Ninject\Syntax\ResolutionExtensions.cs:line 37
at Ninject.Web.Mvc.Bootstrapper.CreateDependencyResolver() in c:\Projects\Ninject\ninject.web.mvc\mvc3\src\Ninject.Web.Mvc\Bootstrapper.cs:line 92
at Ninject.Web.Mvc.Bootstrapper.Initialize(Func`1 createKernelCallback) in c:\Projects\Ninject\ninject.web.mvc\mvc3\src\Ninject.Web.Mvc\Bootstrapper.cs:line 68
at Whatever.App_Start.NinjectMVC3.Start() in D:\Whatever\App_Start\NinjectMVC3.cs:line 26
InnerException:

It doesn't seem to have anything to do with the injection of ValidationAttributes..

Any ideas?

Answer 9 · 2011-05-04T16:34:00.000Z

The problem is caused by a workaround for a bug in the .NET framework. It should be possible to support medium trust. But defenately not without any side effect for property injection which will not work in some scenarios because of this bug. This requires a lot of additional analysis though as it is a problem deep into property reflection. (MS hasn't managed to get this working properly either since .NET 1.0)

Answer 10 · 2011-05-18T00:54:45.000Z

Use https://github.com/downloads/ninject/ninject/Ninject-2.2.1.3-release-net-4.0-mediumTrust.zip for the moment. Before you ask there won't be a nuget package for 2.2.

Also configure the kernel like this:
var kernel = new StandardKernel(
new NinjectSettings { LoadExtensions = false });
kernel.Load(new MvcModule());

This version fixes the issue hardcoded. The final fix will be released with 2.4 where medium trust will be configurable. It's not configurable in 2.2 because this would be a large change which could have side effects.

Answer 11 · 2011-08-08T16:08:11.000Z

Would you have a version that is built with the .net 3.5 framework and MVC2 as well?

Answer 12 · 2011-08-10T11:20:04.000Z

It's not a MVC related problem, but caused by Ninject core. I havn't checked but the same fix should apply to MVC2

Answer 13 · 2011-08-10T16:06:42.000Z

yes, but it is built with .net 4.0 references, so it won't work in a 3.5 environment...should I just download and build the latest version in Github?

Answer 14 · 2011-08-10T16:31:52.000Z

Probably you are lucky. It seems I still had a build on my machine. But I don't have the time to verify this build at the moment. It also won't get a high prio on my task list either. If this is not working then please tell me so that I can delete it again, take the MediumTrust branch and compile it yourself.

https://github.com/downloads/ninject/ninject/Ninject-2.2.1.3-release-net-3.5-mediumTrust.zip

Answer 15 · 2012-08-16T13:32:33.000Z

Hi,

This issue is fixed on version 3 ??

Thanks

Answer 16 · 2012-08-17T23:13:40.000Z

It was not easy to have this configurable, so there is still a medium trust build available frm google code

Answer 17 · 2012-09-12T04:42:40.000Z

We have the same problem, we are trying to use Ninject in Rackspace CloudSites environment that is a "modified" MediumTrust level, we tried in several ways being sure that the assembly is set to AllowPartialCallers and we are getting the same security / permission error message:

[SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.] System.AppDomain.get_Evidence() +24 Ninject.Modules.AssemblyNameRetriever.CreateTemporaryAppDomain() +19 Ninject.Modules.AssemblyNameRetriever.GetAssemblyNames(IEnumerable1 filenames, Predicate1 filter) +50 Ninject.Modules.CompiledModuleLoaderPlugin.LoadModules(IEnumerable1 filenames) +87 Ninject.Modules.ModuleLoader.LoadModules(IEnumerable1 patterns) +379 Ninject.KernelBase.Load(IEnumerable1 filePatterns) +40 Ninject.KernelBase..ctor(IComponentContainer components, INinjectSettings settings, INinjectModule[] modules) +359 Ninject.KernelBase..ctor(INinjectModule[] modules) +92 Ninject.StandardKernel..ctor(INinjectModule[] modules) +5 TPS.Framework.NInject.NinjectIocContainer..ctor(INinjectModule[] modules) in NinjectIocContainer.cs:22 WebServices.Global.CreateKernel() in Global.asax.cs:22 Ninject.Web.Common.Bootstrapper.Initialize(Func1 createKernelCallback) +16 Ninject.Web.Common.NinjectHttpApplication.Application_Start() +102

Any idea or suggestion?

Thanks in advance, Andres Watson (aw@smedia.com)

Answer 18 · 2012-12-04T11:49:55.000Z

Andreswatson, did you get this working on your hosting environment? I'm having the same issue with Winhost.com hosting an ASP.NET 4.5 application using Ninject 3.0.1.10 and Ninject.MVC3.

Works fine locally, then on hosting environment I get this error:
System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Answer 19 · 2012-12-04T11:55:59.000Z

Have you tried using a mudium trust build?
http://code.google.com/p/ninject2/downloads/list?q=label:Ninject

Answer 20 · 2012-12-04T12:08:07.000Z

Hi Remogloor, thanks for the fast response!
I wasn't sure which one to download, so I took "Ninject-3.0.1.10-release-net-4.0_medium_trust.zip" (even though I'm using .NET 4.5, I choose this as there was no medium trust for 4.5).

I uploaded the DLL to my project, but still get the security error:
System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Any ideas?

Answer 21 · 2012-12-04T12:10:46.000Z

I got it to work... I managed to set my app to full trust in the web.config:
<system.web>

...

I was trying to use this:

Which didn't work.

Answer 22 · 2012-12-04T12:24:55.000Z

Hi. It was impossible for us to make it work. It is obvious that no one has
seriously tested as it does not work on our Rackspace CloudSites
environment where is a medium trust modified with Reflection support.

Andrés Watson @ Mobile
On Dec 4, 2012 8:50 AM, "Carlin Archer" notifications@github.com wrote:

Andreswatson, did you get this working on your hosting environment? I'm
having the same issue with Winhost.com hosting an ASP.NET 4.5 application
using Ninject 3.0.1.10 and Ninject.MVC3.

Works fine locally, then on hosting environment I get this error:
System.Security.SecurityException: Request for the permission of type
'System.Security.Permissions.SecurityPermission, mscorlib, Version=4.0.0.0,
Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/15#issuecomment-10993731.

Answer 23 · 2012-12-05T04:15:51.000Z

CARLIN. Does it worked?

Andrés Watson @ Mobile
On Dec 4, 2012 9:10 AM, "Carlin Archer" notifications@github.com wrote:

I got it to work... I managed to set my app to full trust in the
web.config:

...

I was trying to use this:

Which didn't work.

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/15#issuecomment-10994294.

Answer 24 · 2012-12-05T06:34:57.000Z

I managed to get it working on Winhost.com, but that was because it is using full trust... I managed to set my app to sue full trust by using the correct settings in the web.config, when I tried copying up the medium trust DLL that didn't work.

Answer 25 · 2012-12-05T11:16:34.000Z

We couldn't make it work in Rackspace. We had to set a dedicated server to
have full-trust.

It would be great to know if anyone had the chance to use the medium trust
version.

Cheers.

Andrés Watson @ Mobile
On Dec 5, 2012 3:34 AM, "Carlin Archer" notifications@github.com wrote:

I managed to get it working on Winhost.com, but that was because it is
using full trust... I managed to set my app to sue full trust by using the
correct settings in the web.config, when I tried copying up the medium
trust DLL that didn't work.

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/15#issuecomment-11031218.

Answer 26 · 2012-12-11T08:49:37.000Z

Hi. Has anyone managed to make this work using the partial trust assemblies?

I downloaded the medium trust assemblies and also passed "LoadExtensions = false, UseReflectionBasedInjection = true" but still got the security exception.

Answer 27 · 2012-12-11T09:29:13.000Z

Please try the .NET 4.5 Medium trust build from the build server. I don't
have any 4.5 medium trust environment to verify myself.

https://teamcity.bbv.ch/viewLog.html?buildId=987&tab=artifacts&buildTypeId=bt7

2012/12/11 nvivo64 notifications@github.com

Hi. Has anyone managed to make this work using the partial trust
assemblies?

I downloaded the medium trust assemblies and also passed "LoadExtensions =
false, UseReflectionBasedInjection = true" but still got the security
exception.

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/15#issuecomment-11235505.

Answer 28 · 2012-12-11T13:01:49.000Z

Hi,

I have been able to use the 4.0 medium trust assemblies from the Google Code download page.

Ended up that some of my problems were about the project not being prepared to run in Medium Trust, as I have never had to use that before. I had to do some setup to make it to work, so I'm posting here what I had to do. My project is an ASP.NET MVC 4 with .NET 4.0.

Got Ninject Medium Trust assemblies from http://code.google.com/p/ninject2/downloads/list, also got Ninject.Web.Mvc3 and Ninject.Web.Common (could use Nuget version for those, but did not want to deal with broken dependencies).
Changed my NinjectWebCommon.Start method to create the kernel as sugested by remogloor:

var kernel = new StandardKernel(new NinjectSettings() { LoadExtensions = false } );

and then added:

kernel.Load(new Ninject.Web.Mvc.MvcModule());

This second line is important. As we tell it to not load extensions automatically, you need to load at least the MvcModule that would be loaded automatically before. It sets up the basic bindings for Ninject to work, otherwise it won't be able to create anything.

The next 2 steps are not about ninject, but about Medium Trust. As I had to change so the website would work, so here it is:

Make sure any assemblies you reference have the [assembly: AllowPartiallyTrustedCallers] defined in your AssemblyInfo file ow somewhere else. Won't work if they don't.
In your web.config, add requirePermission="false" to any configSection you may have, otherwise you will get exceptions for configuration parsing.

Sorry about the long post here, but hope it helps people having the same problem. Could be an entry in the wiki explaining that.

Thanks!

Answer 29 · 2013-01-08T20:37:38.000Z

Where are you hosting this Meddium Trust solution?

*Andrés Watson
*
Business Development & IT Innovation Specialist @ Smedia Group SA
O'Higgins 2328, Loft 4 | Buenos Aires | Argentina

Phone: +54 (11) 4780.3337 | Skype: andreswatson
Mobile: +54 (911) 5949.8686 | eMail: aw@smedia.com

On Tue, Dec 11, 2012 at 10:01 AM, nvivo64 notifications@github.com wrote:

Hi,

I have been able to use the 4.0 medium trust assemblies from the Google
Code download page.

Ended up that some of my problems were about the project not being
prepared to run in Medium Trust, as I have never had to use that before. I
had to do some setup to make it to work, so I'm posting here what I had to
do. My project is an ASP.NET MVC 4 with .NET 4.0.

Got Ninject Medium Trust assemblies from
http://code.google.com/p/ninject2/downloads/list, also got
Ninject.Web.Mvc3 and Ninject.Web.Common (could use Nuget version for those,
but did not want to deal with broken dependencies).
2.

Changed my NinjectWebCommon.Start method to create the kernel as
sugested by remogloor:

var kernel = new StandardKernel(new NinjectSettings() { LoadExtensions =
false } );

and then added:

kernel.Load(new Ninject.Web.Mvc.MvcModule());

This second line is important. As we tell it to not load extensions
automatically, you need to load at least the MvcModule that would be loaded
automatically before. It sets up the basic bindings for Ninject to work,
otherwise it won't be able to create anything.

The next 2 steps are not about ninject, but about Medium Trust. As I had
to change so the website would work, so here it is:

Make sure any assemblies you reference have the [assembly:
AllowPartiallyTrustedCallers] defined in your AssemblyInfo file ow
somewhere else. Won't work if they don't.
2.

In your web.config, add requirePermission="false" to any configSection
you may have, otherwise you will get exceptions for configuration parsing.

Sorry about the long post here, but hope it helps people having the same
problem. Could be an entry in the wiki explaining that.

Thanks!

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/15#issuecomment-11242463.