Re: Managing client-side security for .NET UserControl under IE

Not sure this helps but we build a Url code group with Full Trust 'on the
fly' when the app starts up, then remove it inside a Finally when the app
closes. Works like a charm.


""Jeffrey Tan[MSFT]"" <v-jetan@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:Lh0AROzOFHA.5096@xxxxxxxxxxxxxxxxxxxxxxxx
> Hi Tim,
>
> Thanks for your post!!
>
> Based on my understanding, you want to gain the "Full Trust" permission on
> client machine in CAS setting, but you do not want the client to do the
> configuration manually.
>
> Because the .Net CAS setting is used to restrict the .Net code right, I do
> not think there is any managed way to workaround this.(Or I think CAS is
> of
> no use). So, we should resort to some unmanaged way to get this done, then
> this can workaround the control of CAS. For example, we can host an
> unmanged ActiveX component in IE, and digital sign this activeX component.
> Once the client user trusted our ActiveX component, we can use unmanaged
> to
> invoke Code Access Security Policy Tool (Caspol.exe). Using certain
> options
> with Caspol.exe, we can make our UserControl assembly "Full Trusted".(For
> example, if our assembly is strang named, we can leverage -addfulltrust
> assembly_file option to config it). Even, we can use -s off option to turn
> off the CAS on client machine :-)
>
> For more information about how to digital sign an ActiveX component,
> please
> refer to:
> "Digital Signing for ActiveX Components"
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vbcon98/htm
> l/vbconUnderstandingDigitalSigning.asp
>
> For how to use activeX component in Html page, you may refer to:
> "Using ActiveX Controls in Visual InterDev Web Applications"
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnvid/html/
> msdn_activexvid.asp
>
> Hope this helps.
> =======================================
> Thank you for your patience and cooperation. If you have any questions or
> concerns, please feel free to post it in the group. I am standing by to be
> of assistance.
>
> Best regards,
> Jeffrey Tan
> Microsoft Online Partner Support
> Get Secure! - www.microsoft.com/security
> This posting is provided "as is" with no warranties and confers no rights.
>


.

Relevant Pages

  • RE: Managing client-side security for .NET UserControl under IE
    ... client machine in CAS setting, but you do not want the client to do the ... Because the .Net CAS setting is used to restrict the .Net code right, ... unmanged ActiveX component in IE, and digital sign this activeX component. ...
    (microsoft.public.dotnet.framework.windowsforms.controls)
  • Re: Class export by regular DLL (vc++) be used in vb
    ... Use the Declare Function directive to declare them in your VB code, ... Create a typelib for the DLL and reference that in your app. ... ActiveX component. ...
    (microsoft.public.vb.general.discussion)
  • Tk eventloop
    ... I try/struggle to use an ActiveX component in a Tk app. ... When i execute ... it i can catch the first event and then when i try to change the value ...
    (comp.lang.python)
  • dialinPrivilege w/ VB.NET
    ... I have a small vb.net app that is used to create new users on our ... to VPN in (Remote Access Permission). ... I need to get a user object and set dialinPrivilege to true. ... try to do this I get a Cannot create ActiveX component. ...
    (microsoft.public.dotnet.languages.vb)
  • Re: Fujitsu COBOL and COM and events
    ... > I have the following problem related with Fujitsu COBOL and events ... > Basically I have a small app that is calling a third party app, ... I had the same problem working with EXCEL. ... only solution I came up with was to develop a VB ActiveX component to ...
    (comp.lang.cobol)