C
Cindy Lee
I'm using a .net 2.0 Hosted server, IIS has trust level I think I medium,
which I can't over-ride.
I'm working off the Personal Website wizard. I get this security issue
usually after I log in and come back. Sometimes I get it, and sometimes I
don't. I can't repeat it all the time.
How should I set my token key? i just use what's in the config file:
b77a5c561934e089.
I know I can't do full Trust because it get's overridden.
There's nothing on my pages that is a big security issue. I don't care who
has access to it. Is there anything I should do to change my config file.
This is my error below, and my config file is below that
Description: The application attempted to perform an operation not allowed
by the security policy. To grant this application the required permission
please contact your system administrator or change the application's trust
level in the configuration file.
Exception Details: System.Security.SecurityException: Request for the
permission of type 'System.Security.Permissions.FileIOPermission, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
Conifg
<?xml version="1.0"?>
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<connectionStrings>
<remove name="LocalSqlServer"/>
<add name="LocalSqlServer" connectionString="Data
Source=SQLB1.webcontrolcenter.com;Initial Catalog=loftladb;Persist Security
Info=True;User ID=xxx;Password=xxx"/>
<add name="Personal" connectionString="Data
Source=SQLB1.webcontrolcenter.com;Initial Catalog=loftladb;Persist Security
Info=True;User ID=xxx;Password=xxx"
providerName="System.Data.SqlClient" />
<add name="loftladbConnectionString1" connectionString="Data
Source=SQLB1.webcontrolcenter.com;Initial Catalog=loftladb;Persist Security
Info=True;User ID=xxx;Password=xxx"
providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<pages styleSheetTheme="White"/>
<customErrors mode="Off"/>
<compilation debug="true"/>
<membership defaultProvider="YourSqlProvider">
<providers>
<add connectionStringName="LocalSqlServer" applicationName="LoftLAApp"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0" name="YourSqlProvider"
type="System.Web.Security.SqlMembershipProvider" />
</providers>
</membership>
<authentication mode="Forms">
<forms loginUrl="default1.aspx" protection="Validation" timeout="300" />
</authentication>
<authorization>
<allow users="*"/>
</authorization>
<globalization requestEncoding="utf-8" responseEncoding="utf-8"/>
<roleManager enabled="true" defaultProvider="AspNetSqlRoleProvider" />
<siteMap defaultProvider="XmlSiteMapProvider" enabled="true">
<providers>
<add name="XmlSiteMapProvider" description="SiteMap provider which reads in
..sitemap XML files." type="System.Web.XmlSiteMapProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
siteMapFile="web.sitemap" securityTrimmingEnabled="true"/>
</providers>
</siteMap>
</system.web>
<location path="Admin">
<system.web>
<authorization>
<allow roles="Administrators"/>
<!-- deny users="*"/ -->
</authorization>
</system.web>
</location>
</configuration>
which I can't over-ride.
I'm working off the Personal Website wizard. I get this security issue
usually after I log in and come back. Sometimes I get it, and sometimes I
don't. I can't repeat it all the time.
How should I set my token key? i just use what's in the config file:
b77a5c561934e089.
I know I can't do full Trust because it get's overridden.
There's nothing on my pages that is a big security issue. I don't care who
has access to it. Is there anything I should do to change my config file.
This is my error below, and my config file is below that
Description: The application attempted to perform an operation not allowed
by the security policy. To grant this application the required permission
please contact your system administrator or change the application's trust
level in the configuration file.
Exception Details: System.Security.SecurityException: Request for the
permission of type 'System.Security.Permissions.FileIOPermission, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
Conifg
<?xml version="1.0"?>
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<connectionStrings>
<remove name="LocalSqlServer"/>
<add name="LocalSqlServer" connectionString="Data
Source=SQLB1.webcontrolcenter.com;Initial Catalog=loftladb;Persist Security
Info=True;User ID=xxx;Password=xxx"/>
<add name="Personal" connectionString="Data
Source=SQLB1.webcontrolcenter.com;Initial Catalog=loftladb;Persist Security
Info=True;User ID=xxx;Password=xxx"
providerName="System.Data.SqlClient" />
<add name="loftladbConnectionString1" connectionString="Data
Source=SQLB1.webcontrolcenter.com;Initial Catalog=loftladb;Persist Security
Info=True;User ID=xxx;Password=xxx"
providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<pages styleSheetTheme="White"/>
<customErrors mode="Off"/>
<compilation debug="true"/>
<membership defaultProvider="YourSqlProvider">
<providers>
<add connectionStringName="LocalSqlServer" applicationName="LoftLAApp"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0" name="YourSqlProvider"
type="System.Web.Security.SqlMembershipProvider" />
</providers>
</membership>
<authentication mode="Forms">
<forms loginUrl="default1.aspx" protection="Validation" timeout="300" />
</authentication>
<authorization>
<allow users="*"/>
</authorization>
<globalization requestEncoding="utf-8" responseEncoding="utf-8"/>
<roleManager enabled="true" defaultProvider="AspNetSqlRoleProvider" />
<siteMap defaultProvider="XmlSiteMapProvider" enabled="true">
<providers>
<add name="XmlSiteMapProvider" description="SiteMap provider which reads in
..sitemap XML files." type="System.Web.XmlSiteMapProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
siteMapFile="web.sitemap" securityTrimmingEnabled="true"/>
</providers>
</siteMap>
</system.web>
<location path="Admin">
<system.web>
<authorization>
<allow roles="Administrators"/>
<!-- deny users="*"/ -->
</authorization>
</system.web>
</location>
</configuration>