Security problem encountered when connecting to URL - Cassini Feedback and Questions

Welcome Guest! To enable all features please Login or Register.

Notification

Error

UltiDev Forum » UltiDev Cassini Web Server for ASP.NET » Cassini Feedback and Questions » Security problem encountered when connecting to URL

Security problem encountered when connecting to URL

Options

Previous Topic Next Topic

DevMo		#1 Posted : Wednesday, June 28, 2006 4:33:04 PM(UTC)
Groups: Member Joined: 6/20/2006(UTC) Posts: 9 Location: France		This is the error I get, if you happen to know why : Security problem encountered when connecting to URL for 'C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll'. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.OutOfMemoryException: Security problem encountered when connecting to URL for 'C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll'. Source Error: An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. Stack Trace: [OutOfMemoryException: Security problem encountered when connecting to URL for 'C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll'.] System.Web.Handlers.AssemblyResourceLoader..cctor() +0 [TypeInitializationException: The type initializer for 'System.Web.Handlers.AssemblyResourceLoader' threw an exception.] System.Web.Handlers.AssemblyResourceLoader.IsValidWebResourceRequest(HttpContext context) +0 System.Web.Security.FormsAuthenticationModule.OnEnter(Object source, EventArgs eventArgs) +547 System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +138 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +65 Version Information: Microsoft .NET Framework Version:2.0.50727.42; ASP.NET Version:2.0.50727.42
Back to top

User Profile View All Posts by User View Thanks

Guest		#2 Posted : Wednesday, June 28, 2006 4:47:41 PM(UTC)
Groups: Joined: 11/1/2005(UTC) Posts: 278		I restarted my machine and all is well now. I have another problem now though. I have a small ASP.NET application which contains a Login module. When I start my application from visual studio in debug mode, I can authenticate, which is not the case if I call my login module from Cassini Explorer. After that if I try to restart my application from VS2005, I receive a message telling me the resource I am trying to access is already used by another process. Any ideas?
Back to top

DevMo		#3 Posted : Wednesday, June 28, 2006 4:51:51 PM(UTC)
Groups: Member Joined: 6/20/2006(UTC) Posts: 9 Location: France		This might help, the error I generate is the following, I am the only administrator on my machine : Cannot open user default database. Login failed. Login failed for user 'AUTORITE NT\SYSTEM'. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.Data.SqlClient.SqlException: Cannot open user default database. Login failed. Login failed for user 'AUTORITE NT\SYSTEM'. Source Error: An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. Stack Trace: [SqlException (0x80131904): Cannot open user default database. Login failed. Login failed for user 'AUTORITE NT\SYSTEM'.] System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection) +171 System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj) +199 System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj) +2305 System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK) +34 System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(SqlConnection owningObject, SqlConnectionString connectionOptions, String newPassword, Boolean redirectedUserInstance) +606 System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, Object providerInfo, String newPassword, SqlConnection owningObject, Boolean redirectedUserInstance) +193 System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection) +501 System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnection owningConnection, DbConnectionPool pool, DbConnectionOptions options) +28 System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject) +429 System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject) +70 System.Data.ProviderBase.DbConnectionPool.GetConnection(DbConnection owningObject) +512 System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection owningConnection) +85 System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory) +89 System.Data.SqlClient.SqlConnection.Open() +160 System.Web.DataAccess.SqlConnectionHolder.Open(HttpContext context, Boolean revertImpersonate) +84 System.Web.DataAccess.SqlConnectionHelper.GetConnection(String connectionString, Boolean revertImpersonation) +199 System.Web.Security.SqlMembershipProvider.GetPasswordWithFormat(String username, Boolean updateLastLoginActivityDate, Int32& status, String& password, Int32& passwordFormat, String& passwordSalt, Int32& failedPasswordAttemptCount, Int32& failedPasswordAnswerAttemptCount, Boolean& isApproved, DateTime& lastLoginDate, DateTime& lastActivityDate) +1029 System.Web.Security.SqlMembershipProvider.CheckPassword(String username, String password, Boolean updateLastLoginActivityDate, Boolean failIfNotApproved, String& salt, Int32& passwordFormat) +106 System.Web.Security.SqlMembershipProvider.CheckPassword(String username, String password, Boolean updateLastLoginActivityDate, Boolean failIfNotApproved) +43 System.Web.Security.SqlMembershipProvider.ValidateUser(String username, String password) +81 System.Web.UI.WebControls.Login.OnAuthenticate(AuthenticateEventArgs e) +131 System.Web.UI.WebControls.Login.AttemptLogin() +106 System.Web.UI.WebControls.Login.OnBubbleEvent(Object source, EventArgs e) +82 System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) +35 System.Web.UI.WebControls.Button.OnCommand(CommandEventArgs e) +86 System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +155 System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) +7 System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +11 System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +33 System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +4919 Version Information: Microsoft .NET Framework Version:2.0.50727.42; ASP.NET Version:2.0.50727.42
Back to top

User Profile View All Posts by User View Thanks

Ultidev Team		#4 Posted : Wednesday, June 28, 2006 5:14:42 PM(UTC)
Groups: Administration Joined: 11/3/2005(UTC) Posts: 2,253 Thanks: 28 times Was thanked: 60 time(s) in 59 post(s)		Hello, DevMo! From your stack trace it seems that you are using Integrated/Windows authentication in the SQL connection string. If that's the case, the difference in behavior between IIS, VS WebDev server and Cassini is understandable, becasue they (and hence your app) run under different user accounts. UltiDev Cassini runs under "Local System" account, while IIS runs under "NETWORK SERVICE", and VS2005 WebDev runs under your personal account. To resolve this you have a couple of options: - Use SQL login instead of Integrated login in your SQL connection string - a simple but less secure option as you may have to save password in the connection string. - Create a new login in SQL Server corresponding to "Local System" windows account and map an appropriate database user to the login. Please let us know if you were able to resolve this issue. Best regards, UltiDev Team. Please donate at http://www.ultidev.com/products/Donate.aspx to help us improve our products.
Back to top		WWW

User Profile View All Posts by User View Thanks

DevMo		#5 Posted : Tuesday, July 4, 2006 3:28:33 AM(UTC)
Groups: Member Joined: 6/20/2006(UTC) Posts: 9 Location: France		Just to let you know, I am still confronted to this problem. Question: Which of the two solutions you are suggesting is best suited to the following situation. Our application will have to be deployed from a CD on a computer without Internet connection. Our Setup module will eventually include Cassini merge module as well as SQL Express. I need to make sure our users will not encounter this problem after installing our solution. Our target audience will have no technical skills whatsoever. They will barely know how to put a CD in their computer. So which of the two solutions will guarantee a reliable configuration on the front-end machine? Thank you.
Back to top

User Profile View All Posts by User View Thanks

DevMo		#6 Posted : Tuesday, July 4, 2006 5:28:45 AM(UTC)
Groups: Member Joined: 6/20/2006(UTC) Posts: 9 Location: France		Another thing : If I start my ASP.NET application from VS2005 the URL : http://localhost:1324/ASPNET/Default.aspx is called and I can authenticate and run my application without problems. However if I start my application from the Cassini Explorer, the following URL is called : http://MachineName:16742/Default.aspx (The port was configured by Cassini), I get the following error : Cannot open user default database. Login failed. Login failed for user 'AUTHORITY NT\SYSTEM'. I am totally lost here as I am not a system administrator but a project manager trying to evaluate Cassini for an eventual use on some of our medium scale solutions. Thank you.
Back to top		\| Edit by user

User Profile View All Posts by User View Thanks

Ultidev Team		#7 Posted : Tuesday, July 4, 2006 5:56:51 AM(UTC)
Groups: Administration Joined: 11/3/2005(UTC) Posts: 2,253 Thanks: 28 times Was thanked: 60 time(s) in 59 post(s)		Hello, DevMo. It's very hard to provide an advice on architecture from far away, but (without taking any legal responsibilities) we'd think you will be better off using database user instead of windows user in your connection string if you are shipping the solution on a CD to unplugged users. The problem you are facing should go away after you start using database user to access the database. We do have an article explaining how to make DotNetNuke, a very popluar open-source ASP.NET 2.0 application, work with Cassini. The article does not go into how to redistribute them together, but it will give you an idea about how database can be configured in SQL Server 2005 in order to be accessible from Cassini application. Regards, UltiDev Team. Please donate at http://www.ultidev.com/products/Donate.aspx to help us improve our products.
Back to top		WWW

User Profile View All Posts by User View Thanks

DevMo		#8 Posted : Tuesday, July 4, 2006 6:52:30 AM(UTC)
Groups: Member Joined: 6/20/2006(UTC) Posts: 9 Location: France		Thanks for the quick reply. I will keep you posted on how things go for us. I will eventually post a solution as I understand it, it might help others. As for the legal responsibilities, you do not have to worry with us. We just believe in your solution and we want to support it. We do not have the time nor the will for legal stuff. We think, you will eventually be a major player in the ASP.NET arena if you are not already. So keep up the great work. Thanks
Back to top

User Profile View All Posts by User View Thanks

Ultidev Team		#9 Posted : Tuesday, July 4, 2006 8:04:12 AM(UTC)
Groups: Administration Joined: 11/3/2005(UTC) Posts: 2,253 Thanks: 28 times Was thanked: 60 time(s) in 59 post(s)		Thank you for the support and for the intention to help the community by posting the solution once you find it! We are trying hard to unlock a web application market for intranet and disconncted users. Let us know if we can help. Best wishes, UltiDev Team. Please donate at http://www.ultidev.com/products/Donate.aspx to help us improve our products.
Back to top		WWW

User Profile View All Posts by User View Thanks

Guest		#10 Posted : Tuesday, March 8, 2016 3:15:54 AM(UTC)
Groups: Joined: 11/1/2005(UTC) Posts: 278		Message was deleted by a Moderator.
Back to top		\| Reason

Rss Feed

Atom Feed

Users browsing this topic
Guest (5)

UltiDev Forum » UltiDev Cassini Web Server for ASP.NET » Cassini Feedback and Questions » Security problem encountered when connecting to URL

Forum Jump

You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You can vote in polls in this forum.