Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

Trust policy conflict

  Asked By: Desmond    Date: Oct 04    Category: Sharepoint    Views: 1463

I have a web part that accesses an external web service for data. I've done
the two different solutions:

(1) create a custom permission set with a WebPermission & specifying the URL
(http://www.foo.com/*) and adding a codegroup for my web part DLL using this
permission set
(2) create a codegroup and assign my the web part DLL FullTrust

Both of these will get my web part to work and get past the common
"WebPermission" exception thrown when a web part tries to access a web
service. However, when someone clicks the "Manage Content" link in the
Actions menu in a portal, I get the .NET exception page that won't show the
exception because of the web.config settings for custom errors. Regardless
of what I chose (On/Off/RemoteOnly), I can't get the error to display.

Any idea (1) how to see the detailed error AND/OR (2) how to fix my
permission to allow my web part to work, but not interfere with the "Manage
Content" link? I'm clueless to why the SharePoint admin link died (and can't
see the error).

After making the policy change, I did run IISRESET to be safe.



1 Answer Found

Answer #1    Answered By: Francisco Simpson     Answered On: Oct 04

Little more info after some more testing.

I finally figured out that I had to modify the web.config in the _Layouts physical directory to show  the errors  since it was actually running under a different app domain.... so one problem down.

However, now doing that, I can now see the error  is coming from the machine.config. The error is:

Description: An error occurred during the processing of a configuration file required to service  this request. Please review the specific error details below and modify your configuration file appropriately.

Parser Error Message: Assembly system.web.services.dll security permission  grant set  is incompatible between appdomains.

Source Error:

Line 191: <add assembly="System.Web, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>

Line 192: <add assembly="System.Data, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>

Line 193: <add assembly="System.Web.Services, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>

Line 194: <add assembly="System.Xml, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>

Line 195: <add assembly="System.Drawing, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>

Basically, now that I’ve implemented my changes in my policy  file (see original post for the two ways I’ve tried this), it appears that my web  part’s dll  will get out to web services, but now none of the applications under _layouts or other web applications are ok. It looks like somehow my trust  is running under both app domains (I think). I know that trusts are cumulative so I tried rearranging them, but no luck.

Here’s my permission set:

<PermissionSet Name="FIS_WebService" class="NamedPermissionSet" version="1">

<IPermission class="WebPermission" version="1">


<URI uri="http://www.foo.com/*"/>




And here’s the code group:

<CodeGroup PermissionSetName="FIS_ WebService " class="UnionCodeGroup" version="1">

<IMembershipCondition class="WebPermission" Name="FIS.Webparts.NewsReader" version="" PublicKeyBlob="ommitted" />



Didn't find what you were looking for? Find more on Trust policy conflict Or get search suggestion and latest updates.