.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Best practices for handling SecurityException

Posted By:      Posted Date: September 08, 2010    Points: 0   Category :ASP.Net
I have locked a set of administration pages on a website using the PrincipalPermission syntax ie:<PrincipalPermission(SecurityAction.Demand, Role:=RoleBLL.ROLE_NAME_ADMINISTRATOR)> <PrincipalPermission(SecurityAction.Demand, Role:=RoleBLL.ROLE_NAME_ICON_REP_EDITOR)> Partial Class admin__ASPNET_RepEditor     Inherits System.Web.UI.Page<PrincipalPermission(SecurityAction.Demand, Role:=RoleBLL.ROLE_NAME_ADMINISTRATOR)><PrincipalPermission(SecurityAction.Demand, Role:=RoleBLL.ROLE_NAME_MEMBER_EDITOR)>Partial Class admin__ASPNET_MemberEditor    Inherits System.Web.UI.Page'....which allows anyone with Administrator or Member editor roles onto that particular page. I want to know what's the best practice for handling the SecurityException error someone gets when they enter the page and are not logged in or do not have either role assigned. I use a global application handler currently (see below) for all errors but I would like to direct users to the Login.aspx page or display some "Access Denied" text.Sub Application_Error(ByVal sender As Object, ByVal e As EventArgs)       'Send Email hereEnd Sub

View Complete Post

More Related Resource Links

Best practices for error handling ,debugging,and performence in ssis

Hi all,
I need some  sujjestions for best practices of ssis error handling  ,debugging,and performence .Recently i had finished a datawarehouse project .But we implemented in hurry,we didnt handle the erros in a proper way and even the performence was poor,so iam looking for some information in implemting the best practices

Many Thanks


What are the exception handling best practices in workflow services

What are the best exception handling practices in workflow services declared in xamlx.
I have created an application, the service layer of the application has Xamlx workflow services hosted on IIS. Workflow services are calling data services through custom activities to get data. Exception could arise either in the workflow service or in custom activities or data services might throw exceptions. What is the best practice to handle declared and undeclared exceptions in the service layer.
At the UI, I have an Asp.net web application.

ASP.NET Best Practices for High Performance Applications

This article lists the techniques that you can use to maximize the performance of your ASP.NET applications. It provides common issues, design guidelines, and coding tips to build optimal and robust solutions.

12 ASP.NET MVC Best Practices

And one of them was about what I consider to be ASP.NET MVC Best Practices. The presentation was in Italian so I decided to translate my slide in English so that everybody can read them.

Controller's best practices


Every self-respected programmer should include exception handling techniques. Sometimes your application will generate an error. Regardless of who was responsible for this error, the programmer or the user, it is up to the first to include the necessary exception handling techniques to keep his/her program from crashing. The .Net environment provides useful techniques for avoiding disastrous errors such as try-catch statements and user-defined exceptions.

Global Exception Handling with ASP.NET

After your global exception handler has done its work, you'll want to redirect the users of your website to a friendly page that tells them that something has gone wrong, and then provide them with customer support information as well as a link back to your web application's home page.

SQL Server 2005 Try and Catch Exception Handling

I'm pretty excited to see that there is some real error handling for T-SQL code in SQL Server 2005. It's pretty painful to have your wonderfully architected .NET solution tainted by less-than-VBScript error handling for stored procedures in the database. The big difference being the addition of TRY..CATCH blocks. Let's take a look:



hello i have the following problem

i have upload my content to hosting server but i get the following error

Security Exception

Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[SecurityException: Request for the permission of typ

Handling 404 page not found with Error page



      How do i handle 404 page not found?

System.Security.SecurityException: Request for the permission of type 'System.Web.AspNetHostingPerm


Good Day all,

Having an issue with an outside user accessing my IIS7 box. I do not have this problem when running the website from my host machine. I found this post: Http://forums.asp.net/t/1371394.aspx. I assure you that this is not a solution because I am not storing any of my files on a network share. 

What do you think my approach should be. 

I already have read rights to IIS user to my BIN folder. 

Thanks for the help. 

Error while using exception handling block el 4.1


Hi Folks,


i am trying to use tyhe exception handling block of Enterprise library 4.1.


I just createda polisy and used IndexOutOfRangeException and added a replace handler and a logging handler to it.

I am using the NotifyRethrow PostHandlingAction to the exception.


During runtime I am getting an exception on the HandleException event, The exception is added below:



Object reference not set to an instance of an object.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.NullReferenceException: Object reference not set to an instance of an object.

Source Error:

Line 42:             catch (Exception ex)
Line 43:             {
Line 44:                 bool reThrow = ExceptionPolicy.HandleException(ex, "ReplacePolicy");
Line 45:         

Session handling


I am beginner to asp.net. I wanna set up a login page in ASP.NET. I dont like to use ASP.NET's own Login facilities.. I wanna use session object..How will I block visiting "user page" by clicking the back button of the browser after successfull logout 


Pls help me..

Documentation best practices (VB)


I need some suggestions on where to start learning best practices for documenting VB.Net projects. I'm lacking in knowledge on this subject matter, but I'm not having much luck finding quite what I need to know via Google.

Handling external C++ exceptions


Hi. I'm working in a application that uses an external .Dll developed in C++ language. According the business rule, the .Dll can throws one exception if it found a error. My question is if it's possible handle or catch a exception throwed by the C++ dll? The try/catch doesn't works. Bellow there's the code I'm using to call the C++ dll.

        public extern static IntPtr LoadLibrary(string lpLibFileName);

        [DllImport("kernel32", CharSet = CharSet.Ansi)]
        public extern static IntPtr GetProcAddress(IntPtr hLibModule, string procName);

        public extern static bool FreeLibrary(IntPtr hLibModule);

        private delegate void DllMethodCallBack(string param1, string param2);

        public void CallDllMethod(string param1, string param2)

Digital Signatures: Application Guidelines on Digital Signature Practices for Common Criteria Securi


This article is an overview of digital signature practices and user considerations necessary to write applications in compliance with ISO/IEC 15408 Common Criteria security. Signing categories are described, including those that are a potential risk to the implied trust association that goes with a digital signature.

Jack Davis

MSDN Magazine November 2009

Inside Microsoft patterns & practices: Dependency Injection in Libraries


This article discusses how to write a library or framework that uses the Dependency Injection pattern and how the change in focus affects the usage of the pattern.

Chris Tavares

MSDN Magazine November 2009

EF Data Access: EF v2 and Data Access Architecture Best Practices


Developers deploy a wide variety of development philosophies and architecture styles. This article explores three common perspectives on application development and describes how the Entity Framework can be employed in each. Specifically, the article looks at the forms-centric, model-centric, and code-centric development styles and their relationship to the Entity Framework.

Tim Mallalieu

MSDN Magazine August 2009

ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend