Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

Security Exception: so generic, how to find the root of the issue?

  Asked By: Mario    Date: Jan 08    Category: Sharepoint    Views: 920

In building components for SharePoint, you run into the Security Exception
occasionally. For me, it's when I call a function that returns a boolean
value. When I try to debug it, I can't even step into the function to see
what's dying (when I put the debugger to stop on the line where the function
is called, it does stop, but won't let me step into it. All it says is
"Security Exception". I check the call stack and sure enough, my method is
getting called, but I can't get in there. So... how do you narrow it down
what the security problem is so I can grant the correct permissions in my
custom security policy file for the virtual server? I don't want to just
throw it into the GAC as that's not a very secure way to test.



3 Answers Found

Answer #1    Answered By: Saul Cobb     Answered On: Jan 08

Are you checking the Inner exception  of the Exception? Sometimes that contains more pertinent information than just the regular outer exception.

Answer #2    Answered By: Karl Reid     Answered On: Jan 08

The Inner exception  is null. I've tried throwing it inside a try/catch... also tried writing out the message/source/stack trace of the inner exception but all throw errors because it doesn't exist. When I look at the exception in the debugger, it shows {} for the InnerException.

I'm pretty sure it has something to do with the object I'm creating. It's a MCMS object (CmsApplicationContext). When I comment out everything form my method  that's throwing the error and slowly uncomment it back line  by line and testing it, it's definatly failing when I try to get the specific object. What's frustrating is that the error isn't any more detailed so I have no idea where to start looking.

Answer #3    Answered By: Lionel Phelps     Answered On: Jan 08

Running down the train of thought that the SharePoint user didn't have permissions  to run  one or more of the following:
(1) my assemblies
(2) the targeted assembly (Microsoft.ContentManagement.Publishing.dll).

After reading up a whitepaper "Microsoft Windows SharePoint Services & Code Access Security", I created my custom  policy file  by duplicating the wss_mediumtrust one and adding code groups for my assemblies & the targeted assembly. However, I get "Execution permission cannot be acquired" whenever I try to access any of my assemblies OR even the CMS assembly with this method... so maybe I've done it wrong in my policy  file? Dunno.

Any ideas on what's going on or how I can debug  it would be greatly appreciated.