1

I am trying to publish my MVC3 (I tried MVC4 as well) to my shared host (which has MVC3 installed), but I am getting this security exception :

Security Exception

Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request failed.

Source Error:

Line 20: @foreach (var item in Model) {

Here are the first few lines of the error :

System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) +0
   System.Security.CodeAccessSecurityEngine.Check(PermissionSet permSet, StackCrawlMark& stackMark) +31
   System.Security.PermissionSet.Demand() +68
   System.Data.LocalDBAPI.**DemandLocalDBPermissions**() +241
   System.Data.LocalDBAPI.CreateLocalDBInstance(String instance) +32
   System.Data.SqlClient.TdsParser.Connect(ServerInfo serverInfo, SqlInternalConnectionTds connHandler, Boolean ignoreSniOpenTimeout, Int64 timerExpire, Boolean encrypt, Boolean trustServerCert, Boolean integratedSecurity, Boolean withFailover) +5306971
   System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean ignoreSniOpenTimeout, TimeoutTimer timeout, Boolean withFailover) +145
   System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString connectionOptions, SqlCredential credential, TimeoutTimer timeout) +262
   System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(TimeoutTimer timeout, SqlConnectionString connectionOptions, SqlCredential credential, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance) +307
   System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions) +434
   System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions) +225

My shared host is running the trust level = medium. So in my project on my localmachine, I also set the trust to medium in the web config, and it runs just fine :

<trust level="Medium" originUrl="" />

I uploaded my database to the server, so I am not re-using EF to rebuild my database on the server.

But looking at the errors, I think the LocalDbConnectionFactory might be the culprit? Or should this stay there after deploying? part of my web.config :

<connectionStrings>
<add name="DefaultConnection" connectionString="Data Source=liveServer,com;Initial Catalog=sarmie;Persist Security Info=True;User ID=liveServer;Password=liveServer;" providerName="System.Data.SqlClient" />
</connectionStrings>
<entityFramework>
<defaultConnectionFactory type="System.Data.Entity.Infrastructure.LocalDbConnectionFactory, EntityFramework">
<parameters>
    <parameter value="v11.0" />
</parameters>
</defaultConnectionFactory>
</entityFramework>

Here is my Context class :

public class MvcApplication4Context : DbContext
    {
        //public MvcApplication4Context()
        //{
        //    System.Data.Entity.Database.SetInitializer(new System.Data.Entity.DropCreateDatabaseIfModelChanges<MvcApplication4.Models.MvcApplication4Context>());
        //}

        public DbSet<MvcApplication2.Models.Ad> Ads { get; set; }
    }

Am I missing something? Should the Shared host install something to make LocalDB work? Or is there a way to bypass this and make my LINQ queries work?

Please help

Regards David

Community
  • 1
  • 1
David Smit
  • 829
  • 1
  • 13
  • 31
  • "I uploaded my database to the server, so I am not re-using EF to rebuild my database on the server." You may not intend to be doing this, but your application is doing just that. – Craig Stuntz Jan 31 '13 at 13:37
  • Maybe help you: http://stackoverflow.com/questions/2205757/need-help-with-security-exception-in-asp-net-mvc-web-application – Felipe Oriani Jan 31 '13 at 13:39
  • @FelipeOriani , already tried all mentioned in your link, but thanks for responding – David Smit Jan 31 '13 at 13:50
  • Hi @CraigStuntz. I commented out the "DropCreateDatabaseIfModelChanges" section in my project, so it shouldnt recreate by itself. I just tested it as well by adding a new model to my Context class, and it prompted that the context has changed and I should put the "DropCreateDatabaseIfModelChanges" back in. – David Smit Jan 31 '13 at 13:57
  • `CreateLocalDBInstance` is in the call stack. It's trying to create the DB, full stop. – Craig Stuntz Jan 31 '13 at 13:59
  • Ok great thanks @CraigStuntz, but how do I stop it from being create and still use my Context class? (I am adding my Context class to question) – David Smit Jan 31 '13 at 14:06

2 Answers2

1

You need to choose the right database initializer.

If you are using an initializer which can create a DB, then it will fail in your hosting scenario when this happens.

You might want to consider using EF migrations, as they can update a schema "in-place."

Craig Stuntz
  • 125,891
  • 12
  • 252
  • 273
  • Hi Craig, I do not want to create the DB on the hosting enviroment, like I mentioned, I turn off the the database initializer. But thanks for responding. Think I have found my answer.. – David Smit Feb 07 '13 at 10:25
1

Ok this took me some to figure out. Step one, do not use LOCALDB or LocalDbConnectionFactory, I don't think it is supported by the shared host. Rather use SQLCE 4.0 as mentioned here

Via nuget install EntityFramework.SqlServerCompact

Remember to put the this in your web.config (if not added already). MvcApplication8.Models.MvcApplication8Context will be your context class :

<connectionStrings>
  <add name="MvcApplication8.Models.MvcApplication8Context" connectionString="Data Source=|DataDirectory|mvc8Context.sdf" providerName="System.Data.SqlServerCe.4.0" />
  <add name="DefaultConnection" connectionString="Data Source=****;Initial Catalog=testing;Persist Security Info=True;User ID=****;Password=****;" providerName="System.Data.SqlClient" />
</connectionStrings>

<entityFramework>
 <defaultConnectionFactory type="System.Data.Entity.Infrastructure.SqlCeConnectionFactory, EntityFramework">
  <parameters>
    <parameter value="System.Data.SqlServerCe.4.0" />
  </parameters>
 </defaultConnectionFactory>
</entityFramework>
<system.data>
<DbProviderFactories>
  <remove invariant="System.Data.SqlServerCe.4.0" />
  <add name="Microsoft SQL Server Compact Data Provider 4.0" invariant="System.Data.SqlServerCe.4.0" description=".NET Framework Data Provider for Microsoft SQL Server Compact" type="System.Data.SqlServerCe.SqlCeProviderFactory, System.Data.SqlServerCe, Version=4.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91" />
</DbProviderFactories>
</system.data>

As mentioned in the link above, remember to set the following DLL's to "copy local" = true. Entityframework SqlserverCE SqlserverCE.Entity

Then you need to copy/export your DB from your local pc to the shared host.

As a side note : Do NOT use automapper, I have tried everything to make this work in medium trust, I do not think this is possible. You will get the error :

System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.ReflectionPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. I am now using valueinjecter and it works perfectly.

And now it is working at last.

Community
  • 1
  • 1
David Smit
  • 829
  • 1
  • 13
  • 31