正在努力制定中等信任丢失的原因是什么? [英] Is trying to develop for Medium Trust a lost cause?
问题描述
我就开始发展同实体框架code-第一和Unity依赖注入新的MVC应用程序。我用EF5和团结,因为我认为他们应该在中等信任的工作。然而,当我扔<信任级别=中/> 在我的标签的web.config ,我开始反思许可例外。
I started developing a new MVC app with Entity Framework code-first and Unity for dependency injection. I used EF5 and Unity because I thought they were supposed to work in Medium Trust. However, when I threw the <trust level="Medium" /> tag in my web.config, I started getting Reflection Permission exceptions.
它总是好像每当我超越了使用内置的东西,如 System.Data.SqlClient的 ADO.net东西,我总是碰上中等信任问题。自动映射:失败。 NHibernate的:失败。 MySQL的:失败。 EF5 code-第一:失败。国际奥委会:失败
It always seems like whenever I go beyond using built-in things like the System.Data.SqlClient ADO.net stuff I always run into problems in Medium Trust. Auto-Mapper: fail. NHibernate: fail. MySQL: fail. EF5 Code-first: fail. IOC: fail.
我是不是追逐白日梦?是否有可能利用现代技术将在中信任运行实现了良好架构和可测试的Web应用程序?
Am I just chasing a pipe-dream? Is it possible to achieve a well-architected and testable web application using modern technology that will run in Medium Trust?
在虚拟机的时代/虚拟服务器/云计算(甚至几个共享主机,将设置你的应用程序池,以完全信任)有没有人找到了中等信任发展是值得的?
In the age of VMs/Virtual Servers/Cloud Computing (and even a few shared hosts that will set your application pools to Full Trust) has anyone found developing for Medium Trust to be worth the effort?
推荐答案
ASP.NET开发团队的官方立场是,中等信任已经过时了。这意味着几件事情:
The official position of the ASP.NET team is that Medium Trust is obsolete. This means a few things:
- 我们会自动解析报给我们所有中等信任有关的错误不会修复。
- 我们提供了指导,主机托管服务提供商,他们应该从中等信任迁移出来,并使用适当的操作系统级别的隔离,而不是(的http:// support.microsoft.com/kb/2698981 )。
- 我们是从我们开发的框架去除中等信任支持(MVC,的WebAPI,SignalR,等等)。展望未来,建立在这些框架将需要完全信任的应用程序。
在这里,所谓中等信任上面是指在ASP.NET中所有非完全信任的配置,包括使用内置的信任级别(最低,低,中,高)或任何定制水平的信任。
Here, the term "Medium Trust" above to refers to all non-Full Trust configurations in ASP.NET, including use of the built-in trust levels (Minimal, Low, Medium, High) or any custom trust levels.
的编辑2015年5月26日:的作为一个整体去$ P $ .NET框架pcated部分信任,并建议客户不要依赖于它作为一个安全边界。 从MSDN :
Edit 26 May 2015: The .NET Framework as a whole has deprecated partial trust, and customers are advised not to rely on it as a security boundary. From MSDN:
code接入安全.NET Framework中不应该被用作
与部分受信任的code,特别是code安全边界
待查。我们建议对加载和执行的code
来历不明不把替代安全措施
的地方。
Code Access Security in .NET Framework should not be used as a security boundary with partially trusted code, especially code of unknown origin. We advise against loading and executing code of unknown origins without putting alternative security measures in place.
这篇关于正在努力制定中等信任丢失的原因是什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
