“安全"已部署的 Web 应用程序上的 NHibernate 问题 [英] "Security" problem with NHibernate on deployed web application

问题描述

我已将使用 NHibernate 的 Web 应用程序部署到服务器.该应用程序在我的本地开发机器上编译并运行良好，但新服务器上的 NHibernate 存在问题.我收到以下错误:

<块引用>

描述:应用程序尝试执行不允许的操作安全政策.授予这个申请所需的权限请联系您的系统管理员或更改应用程序的信任级别配置文件.

异常详情:System.Security.SecurityException:请求类型许可'系统.配置.配置权限,System.Configuration，版本=4.0.0.0，文化=中立，PublicKeyToken=tokenkeyhere'失败.

它建议在配置文件中更改应用程序的信任级别".我该怎么做?这是我第一次部署 NHibernate 网络应用程序，所以我不知所措.

解决方案

我们最近一直在关注这个问题.这是关于以中等信任度运行 NHibernate

这是我见过的对不同信任级别的最简洁的解释:信任级别揭秘

来自文章:

- 完全信任 - 您的代码可以执行运行它的帐户可以执行的任何操作.- 高度信任 - 与上面相同，除了您的代码不能调用非托管代码.即 Win32 API、COM 互操作.- 中等信任 - 与上述相同，但您的代码除了其应用程序目录之外无法看到文件系统的任何部分.- 低信任度——除了你的代码不能进行任何进程外调用之外，与上面相同.即调用数据库、网络等.- 最低限度的信任——除了最琐碎的处理(计算算法)之外，代码受到任何限制.

I've deployed to a server a web application that uses NHibernate. The application compiles and runs fine on my local dev machine, but there's an issue with NHibernate on the new server. I get the following error:

Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Configuration.ConfigurationPermission, System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=tokenkeyhere' failed.

It suggests to change the application's "trust level" in the configuration file. How exactly do I do that? This is the first time I've deployed a NHibernate web app, so I'm at a loss.

解决方案

We've been looking at this a lot lately. Here is a link on running NHibernate in medium trust

This is the most succinct explanation I've seen of the different trust levels: Trust Levels Demystified

From the article:

- Full trust – your code can do anything that the account running it can do.
- High trust – same as above except your code cannot call into unmanaged code. i.e. Win32 APIs, COM interop.
- Medium trust – same as above except your code cannot see any part of the file system except its application directory.
- Low trust – same as above except your code cannot make any out-of-process calls. i.e. calls to a database, network, etc.
- Minimal trust – code is restricted from anything but the most trival processing (calculating algorithms).

这篇关于“安全"已部署的 Web 应用程序上的 NHibernate 问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！