Hi, I developed and installed a Web Service on a Windows Server 2003, the
web service works fine on any Windows XP Workstation but not on the server,
I keep getting this exception:

System.Security.SecurityException: Request for the permission of type
System.Net.WebPermission, System, Version=1.0.5000.0, Culture=neutral,
PublicKeyToken=b77a5c561934e089 failed.
at System.Security.CodeAccessSecurityEngine.CheckHelper(PermissionSet
grantedSet, PermissionSet deniedSet, CodeAccessPermission demand,
PermissionToken permToken)
at System.Security.CodeAccessSecurityEngine.Check(PermissionToken
permToken, CodeAccessPermission demand, StackCrawlMark& stackMark, Int32
checkFrames, Int32 unrestrictedOverride)
at System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission
cap, StackCrawlMark& stackMark)
at System.Security.CodeAccessPermission.Demand()
at System.Net.HttpRequestCreator.Create(Uri Uri)
at System.Net.WebRequest.Create(Uri requestUri, Boolean useUriBase)
at System.Net.WebRequest.Create(Uri requestUri)
at System.Web.Services.Protocols.WebClientProtocol.GetWebRequest(Uri uri)
at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebRequest(Uri
uri)
at System.Web.Services.Protocols.SoapHttpClientProtocol.GetWebRequest(Uri
uri)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters)
at
Bluenode.Gourmet.Services.Service_SS.station.CancelaDetalleComanda(Int32
Mesa, String Producto, Int32 Orden, String Autorizador)
at Bluenode.Gourmet.Services.pos.CancelaDetalleComanda(Int32 NoMesa,
String NombreProducto, Int32 NoOrden, String NombreAutoriza, Int32
IdDetalleComanda)

The state of the failed permission was:
<IPermission class="System.Net.WebPermission, System, Version=1.0.5000.0,
Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1">
<ConnectAccess>
<URI uri="http://plasma/station/station\.asmx"/>
</ConnectAccess>
</IPermission>

I've triend adding the site to the trusted sites, increasing the site's
trust, etc.

Please help!!!

Hello,

Thank you for using the community. I am Luke and I am review this issue
currently. As I understand, the web service call another web service and
encounter an SecurityException.You have set:

<IPermission class="System.Net.WebPermission, System, Version=1.0.5000.0,
Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1">
<ConnectAccess>
<URI uri="http://plasma/station/station\.asmx"/>
</ConnectAccess>
</IPermission>

If we made some changes:

<URI uri="http://plasma/station/station/.*" />

Wull this help?

And how did you set the trust level for the external web service? full
trust?

For more information on Code Access Security with ASP .NET, you may refer
to:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/ht
ml/THCMCh09.asp

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

This URL is programatically set, I has an initial URL like:
http://localhost/station/station.asmx but I change it with this code:

service.Url = "http://" + host + "/station/station.asmx";

When I've debugged I've seen that the URL is correct, actually, this same
webservice works fine on any other WinXP computer, but not on the Win2003.

And yes, the host: http://plasma as same as http://192.168.5.15 (it's IP)
have full trust.

Don't know what else to do...

Thanks for the help.

Isaias Formacio

[quoted text, click to view]

Hi Isaias,

Sorry for not stating clear in my previous message. I mean, in the
web.config of your web service, is there such an line to grant trust level?

<system.web>

<trust level="Full" originUrl="http://plasma/station/.*"/>

</system.web>

You may refer to following article about "<trust>" Element in web.config:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechn
ol/windowsserver2003/proddocs/standard/aacontrustelement.asp

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

I tryed the line as you mentioned and it didn't work, then I put this line:

<trust level="Full" originUrl="" />

And it's now working fine, although I don't know what security issues I
might be opening...


[quoted text, click to view]

Hi Isaias,

<trust level="Full" originUrl=""/> will grant full trust to your origin web
service running on the server. I think the problem may be caused by the
related settings in web.config and machine.config. You may compare the
copies between the Window 2003 and Windows XP to see the difference.

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)