ASP.NET 2.0 + MySQL Connector 1.0.7 + Medium Trust Level
Posted by: Marco Cianciaruso
Date: June 10, 2006 01:58PM

Hi to all

(sorry for my english)
I was looking for a solution from many month, many people talk about this problem on many forums, but no one tell something of usefull.

After many test i think solved the my problem to use MYSQL Connector with ASP.NET WITHOUT OleDBPermission!!

I use VS2005 with VB.NET, Win2003Server, MySQL 5.0 , MySQL Connector 1.07.

Step 1 - Compile a new MySql.Data.dll using the source code.
To produced a mine MySql.Data.dll, that accept not only full trusted level

I used the source code to rebuild the MySql.Data.dll, changing the adding the following code ad the AssemblyInfo.cs:

using ......
using System.Security;

[assembly: ......
[assembly: AllowPartiallyTrustedCallers() ]

Without this step i received the following error:
System.Security.SecurityException: That assembly does not allow partially trusted callers.

After build you need add reference to VS2005 and use this new DLL insteed the original one.

Step 2 - Create a Custom level C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\

Create a file web_mediumMySQLtrust.config (cloning the existing web_mediumtrust.config)

and add the SOCKPermission:

<SecurityClass .............
<SecurityClass Name="SocketPermission" Description="System.Net.SocketPermission, System, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>


Save and close the file.

Step 3 - Assign Custom Level modifing the C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\web.config on the server machine

<trustLevel name="Full" policyFile="internal" />
<trustLevel name="High" policyFile="web_hightrust.config" />
<trustLevel name="Medium" policyFile="web_mediumtrust.config" />
<trustLevel name="MediumMySQL" policyFile="web_mediumMySQLtrust.config" />
<trustLevel name="Low" policyFile="web_lowtrust.config" />
<trustLevel name="Minimal" policyFile="web_minimaltrust.config" />
<trust level="MediumMySQL" originUrl="" />

Without SOCK enabling i receive the following error from MySQL.DATA.dll:
Unable to connect to any of the specified MySQL hosts

In this way i'm able to use MYSQL and ASP.NET with no FULL TRUST LEVEL.
My project work fine now. And this is enought, isn't it?

I'm only not sure what happen to the ASP.NET SECURITY enabling the SOCK, there is some security rick? And if yes wich one? There is some way to do it in more secure way?
I'm continuing testing it, please make the same and let me know your opinion about this method.

Will be glad the MYSQL stuff opinion too.

using Visual Studio 2008

Options: ReplyQuote

Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.