.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Custom Code Security Setting

Posted By:      Posted Date: September 03, 2010    Points: 0   Category :Sql Server
I am using custom code in couple of my SSRS reports. I can view the output on report manager, but in my BI development studio it shows me an error "An error occured during local report processing". I tried all the possible options to resolve the issue. I am adding the references of the assemblies System.Data and System.XML. Also i referred the article http://support.microsoft.com/kb/842419/en-us and tried all the steps to modify the code access security for custom assembly. I am clueless as in what to do next. Thanks, Chaitali

View Complete Post

More Related Resource Links

Security problem while debugging Infopath custom code


I have made a simple InfoPath formular, and in "Submit Options", checked  "Perform custom action using Code", and write some custom code...

Then i run the debug over this code. The InfoPath formular opened in preview mode, and i could successfully step through InternalStartup method.

I did put some data in fields and clicked on "Submit" button. I expected to be continue debugging at the beging of "FormEvents_Sumbit" method, but i got this error message:

Request for the permission of type 'Microsoft.SharePoint.Security.SharePointPermission, Microsoft.SharePoint.Security, Version=, Culture=neutral, PublicKeyToken=71e9bce111e9429c' failed.
   at TEST_FORM2.FormCode.FormEvents_Submit(Object sender, SubmitEventArgs e)
   at Microsoft.Office.InfoPath.Internal.FormEventsHost.OnSubmit(DocReturnEvent pEvent)
   at Microsoft.Office.Interop.InfoPath.SemiTrust._XDocumentEventSink2_SinkHelper.OnSubmitRequest(DocReturnEvent pEvent)"

After i clicked OK to this error, i got another one, a little different:

"InfoPath cannot submit the form.
The OnSubmitRequest event handler did not work.
Request for the permission of type 'Microsoft.SharePoint.Security.SharePointPermission, Microsoft.SharePoint

Need help setting up a Custom Security Trimmer, CheckAccess method not working.


I'm implementing the custom security trimmer for SharePoint server as outlined here: http://msdn.microsoft.com/en-us/library/ee819923.aspx

I have been able to successfully deploy the solution on to the server, but know I need to write the script that will check whether users have access to particular documents or not. The code in the walk-through is the following:

public BitArray CheckAccess(IList<String> documentCrawlUrls, IDictionary<String, Object> sessionProperties, IIdentity passedUserIdentity)
            BitArray retArray = new BitArray(documentCrawlUrls.Count);
            //Use passedUserIdentity to get the identity of the user who issued the query.
            IClaimsIdentity claimsIdentity = (IClaimsIdentity)passedUserIdentity;
           //IClaimsIdentity is defined in Microsoft.IdentityModel.Claims;
            for (int x = 0; x < documentCrawlUrls.Count; x++)

Geneva Framework: Building A Custom Security Token Service


A Security Token Service, or STS, acts as a security gateway to authenticate callers and issue security tokens carrying claims that describe the caller. See how you can build a custom STS with the "Geneva" Framework.

Michele Leroux Bustamante

MSDN Magazine January 2009

Wicked Code: Craft Custom Controls for Silverlight 2


If you're unfamiliar with Windows Presentation Foundation (WPF), building that first Silverlight custom control can be a daunting experience. This article walks through the process.

Jeff Prosise

MSDN Magazine August 2008

Foundations: Adding Code Access Security to WCF, Part 2


This month's column continues the discussion around code access security in WCF and partially trusted services.

Juval Lowy

MSDN Magazine July 2008

Foundations: Code Access Security in WCF, Part 1


Here we discuss code-access security in Windows Communication Foundation (WCF) and present a solution for enabling partially trusted clients for WCF services.

Juval Lowy

MSDN Magazine April 2008

Security Briefs: Protecting Your Code with Visual C++ Defenses


Michael Howard outlines some of the buffer overrun defenses available in Visual C++ 2005 and beyond.

Michael Howard

MSDN Magazine March 2008

Desktop Security: Create Custom Login Experiences With Credential Providers For Windows Vista


Why is a change to the Windows logon plug-in interface so exciting? Because with credential providers you can customize the logon experience for your users.

Dan Griffin

MSDN Magazine January 2007

Are You in the Know?: Find Out What's New with Code Access Security in the .NET Framework 2.0


Unlike role-based security measures, code access security is not based on user identity. Instead, it is based on the identity of the code that is running, including information such as where the code came from. Here Mike Downen discusses the role of code access security (CAS) in .NET and outlines some key new features and changes in CAS for the .NET Framework 2.0.

Mike Downen

MSDN Magazine November 2005

Custom Cultures: Extend Your Code's Global Reach With New Features In The .NET Framework 2.0


The upcoming Microsoft .NET Framework 2.0 adds a number of globalization features that address the important issues of extensibility, standards support, and migration. Here authors Michael Kaplan and Cathy Wissink explain what these features mean to your globalization effort.

Michael Kaplan and Cathy Wissink

MSDN Magazine October 2005

Security: Manipulate Privileges in Managed Code Reliably, Securely, and Efficiently


When the author was faced with implementing support for changing a security descriptor on an object, he noticed there was not support for that operation in .NET. So he devised two solutions to the problem: the first, simpler one, is tailored to the .NET Framework 1.1 and can be used today. The second solution incorporates several advanced features available only in the .NET Framework 2.0. Both are presented here.

Mark Novak

MSDN Magazine March 2005

Attack Surface: Mitigate Security Risks by Minimizing the Code You Expose to Untrusted Users


In this article, Microsoft security expert Michael Howard discusses the cardinal rules of attack surface reduction. His rules - reduce the amount of code executing by default, reduce the volume of code that is accessible to untrusted users by default, and limit the damage if the code is exploited - are explained along with the techniques to apply the rules to your code.

Michael Howard

MSDN Magazine November 2004

Security Briefs: Beware of Fully Trusted Code


The vast majority of managed applications run with full trust, but based on my experience teaching . NET security to developers with a broad range of experience, most really don't understand the implications of fully trusted code.

Keith Brown

MSDN Magazine April 2004

Review It: Expert Tips for Finding Security Defects in Your Code


Reviewing code for security defects is a key ingredient in the software creation process, ranking alongside planning, design, and testing. Here the author reflects over his years of code security reviews to identify patterns and best practices that all developers can follow when tracking down potential security loopholes. The process begins by examining the environment the code runs in, considering the roles of the users who will run it, and studying the history of any security issues the code may have had. After gaining an understanding of these background issues, specific vulnerabilities can be hunted down, including SQL injection attacks, cross-site scripting, and buffer overruns. In addition, certain red flags, such as variable names like "password", "secret," and other obvious but common security blunders, can be searched for and remedied.

Michael Howard

MSDN Magazine November 2003

Security Tips: Defend Your Code with Top Ten Security Tips Every Developer Must Know


There are many ways to get into trouble when it comes to security. You can trust all code that runs on your network, give any user access to important files, and never bother to check that code on your machine has not changed. You can run without virus protection software, not build security into your own code, and give too many privileges to too many accounts. You can even use a number of built-in functions carelessly enough to allow break-ins, and you can leave server ports open and unmonitored. Obviously, the list continues to grow. What are some of the really important issues, the biggest mistakes you should watch out for right now so that you don't compromise your data or your system? Security experts Michael Howard and Keith Brown present 10 tips to keep you out of hot water.

Michael Howard and Keith Brown

MSDN Magazine September 2002

Return of the Rich Client: Code Access Security and Distribution Features in .NET Enhance Client-Sid


Rich clients employ many of the features and conveniences of the operating system they run on, and the list of these features has been growing since the dawn of the PC. But as apps have migrated to the Web, the trend towards increasing client-side functionality has ground to a virtual halt. There are several reasons for this; chief among them are security and deployment problems. But that's all about to change. With the .NET Framework, you can participate in building the distributable rich client of the future. In this article, the author enumerates the pertinent features of .NET that will allow you to build safe, easily deployable controls. The features discussed include managed code, code access security, versioning control, Windows Forms classes, and isolation.

Jason Clark

MSDN Magazine June 2002

Security in .NET: Enforce Code Access Rights with the Common Language Runtime


Component-based software is vulnerable to attack. Large numbers of DLLs that are not tightly controlled are at the heart of the problem. Code access security in the Common Language Runtime of the Microsoft .NET Framework addresses this common security hole. In this model, the CLR acts as the traffic cop to assemblies, keeping track of where they came from and what security restraints should be placed on them. Another way the .NET Framework addresses security is by providing preexisting classes which have built-in security. These are the classes that are invoked in .NET when performing risky operations such as reading and writing files, displaying dialog boxes, and so on. Of course, if a component calls unmanaged code, it can bypass code access security measures. This article covers these and other security issues.

Keith Brown

MSDN Magazine February 2001

ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend