reading web.config section

[alf]

Hi folks,
I'm trying to read a web.config section using

RoleManagerSection settings =
(RoleManagerSection)System.Configuration.ConfigurationManager.GetSection("system.web/roleManager");

and I get the following error on the page:

Security Exception
Description: The application attempted to perform an operation not allowed
by the security policy. To grant this application the required permission
please contact your system administrator or change the application's trust
level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the
permission of type 'System.Security.Permissions.FileIOPermission, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

There is any security restriction on the server?? there is other way to
acces config information ??

Thanks

 

[John Timney \(MVP\)]

Your user (the account asp.net runs under) needs to have read permission to
the file, and to any config files above it in the same application.

You may need to set your applications trust level accordingly:
http://msdn2.microsoft.com/en-us/library/tkscy493(VS.80).aspx

Regards

John Timney (MVP)
http://www.johntimney.com
http://www.johntimney.com/blog

 

[alf]

Hi Timmey,
I can't set y application because I'm running in a hosting enviroment where
the security level is Medium.
I can read the sections: "appSetting" and "connectionStrings" perfectly but
not the "system.web"... why ???

any idea ??
thanks

 

[John Timney \(MVP\)]

If your in a hosting environment, ask your hosting company to give you an
example that works with their trust level settings.

Regards

John Timney (MVP)
http://www.johntimney.com
http://www.johntimney.com/blog

 

[alf]

Well, I tryed a lot to get understan with this guys from the support staff,
but nothing, they just repeat and repeat that the server has Medium Level.

Doing some test I found that:
GetSection("appSettings"); // OK to read
GetSection("connectionString"); // OK to read
GetSection("system.web"); // Unable to read. Security Exception

I just wanna know WHY system.web is impossible to access !!!

Anyway, now I can read the entire web.config file using XmlDocument. So, my
problem is solved but I would like to investigate about it.

 

[Juan T. Llibre]

re:
!> I just wanna know WHY system.web is impossible to access !!!
!> my problem is solved but I would like to investigate about it

Your ISP is assigning restrictive access permissions to some sections of web.config.

Try adding
---------------------------------------------
<location allowOverride="true">
<system.web>
<securityPolicy>
<trustLevel name="Full" policyFile="internal" />
<trustLevel name="High" policyFile="web_hightrust.config" />
<trustLevel name="Medium" policyFile="web_mediumtrust.config" />
<trustLevel name="Low" policyFile="web_lowtrust.config" />
<trustLevel name="Minimal" policyFile="web_minimaltrust.config"/>
</securityPolicy>
<trust
level="Full"
originUrl=""
processRequestInApplicationTrust="true"
/>
</system.web>
</location>
-------------

....to the root web.config, and see if you can assign trust settings to your app, per:
http://msdn2.microsoft.com/en-us/library/tkscy493(VS.80).aspx

If you can't, you'll have to talk to your ISP about allowing you to override the trust settings.