This is the method on the server-side:
public virtual DataTable LoadDataTableFromDB(DALArgs args, string
tableName, SqlCommand sqlCmd) {
DataTable dt = new DataTable(tableName);
try {
InitializeConnection(args);
if (cmd.Connection == null) {
cmd.Connection = (SqlConnection)Connection;
}
SqlDataAdapter da = new SqlDataAdapter(cmd);
da.Fill(dt);
return dt;
}
catch(System.InvalidOperationException ex) {
ReportException(ex, this, "LoadDataTableFromDB(string,
SqlCommand)\n" +
"Command text: " + ((cmd == null) ? string.Empty :
cmd.CommandText));
return null;
}
catch(System.Data.SqlClient.SqlException ex) {
ReportException(ex, this, "LoadDataTableFromDB(string,
SqlCommand)\n" +
"Command text: " + ((cmd == null) ? string.Empty :
cmd.CommandText));
return null;
}
}
[quoted text, click to view] Sunny <sunny@newsgroups.nospam> wrote in message news:<ujTPwV5bEHA.368@TK2MSFTNGP10.phx.gbl>...
> Do I understand you correctly that these lines are in the server object? And
> what about myDataTable? is it on the server as well, or it is passed as out
> parameter to the method?
>
> Sunny
>
> Ali wrote:
>
> > Hi,
> > I am trying to call a method on an SAO which contains the following
> > lines of code:
> > .....lines removed.....
> > SqlDataAdapter da = new SqlDataAdapter(cmd);
> > da.Fill(myDataTable); // Exception is thrown here
> > .....lines removed.....
> > An exception gets thrown at da.Fill, reading:
> > ***begin exception text***
> > Got an exception Permission denied: cannot call non-public or static
> > methods remotely.
> > ***end exception text***
> >
> > Fill is not a static or non-public method at all. What is going on
> > with this?
> >
> > Is this not allowed while remoting? Is there a workaround?
> >
> > Thanks,
> >
Hi,
You are passing SqlCommand object as parameter. SqlCommand is MBR, so only a
reference to the client object is passed, not the actual object. When you
invoke DataAdapter.Fill, it tries to use remoted command object. You may
pass only the command string, and to create the command object at server
side.
Out of topic:
Actually, I would avoid execution of any SQL command, passed from a client.
A malicious client can send "ANY" command, which affects the security of
the database.
Sunny
[quoted text, click to view] Ali wrote:
> This is the method on the server-side:
>
> public virtual DataTable LoadDataTableFromDB(DALArgs args, string
> tableName, SqlCommand sqlCmd) {
> DataTable dt = new DataTable(tableName);
> try {
> InitializeConnection(args);
> if (cmd.Connection == null) {
> cmd.Connection = (SqlConnection)Connection;
> }
> SqlDataAdapter da = new SqlDataAdapter(cmd);
> da.Fill(dt);
> return dt;
> }
> catch(System.InvalidOperationException ex) {
> ReportException(ex, this, "LoadDataTableFromDB(string,
> SqlCommand)\n" +
> "Command text: " + ((cmd == null) ? string.Empty :
> cmd.CommandText));
> return null;
> }
> catch(System.Data.SqlClient.SqlException ex) {
> ReportException(ex, this, "LoadDataTableFromDB(string,
> SqlCommand)\n" +
> "Command text: " + ((cmd == null) ? string.Empty :
> cmd.CommandText));
> return null;
> }
> }
>
> Sunny <sunny@newsgroups.nospam> wrote in message
> news:<ujTPwV5bEHA.368@TK2MSFTNGP10.phx.gbl>...
>> Do I understand you correctly that these lines are in the server object?
>> And what about myDataTable? is it on the server as well, or it is passed
>> as out parameter to the method?
>>
>> Sunny
>>
>> Ali wrote:
>>
>> > Hi,
>> > I am trying to call a method on an SAO which contains the following
>> > lines of code:
>> > .....lines removed.....
>> > SqlDataAdapter da = new SqlDataAdapter(cmd);
>> > da.Fill(myDataTable); // Exception is thrown here
>> > .....lines removed.....
>> > An exception gets thrown at da.Fill, reading:
>> > ***begin exception text***
>> > Got an exception Permission denied: cannot call non-public or static
>> > methods remotely.
>> > ***end exception text***
>> >
>> > Fill is not a static or non-public method at all. What is going on
>> > with this?
>> >
>> > Is this not allowed while remoting? Is there a workaround?
>> >
>> > Thanks,
>> >
>> > Ali
Thanks for your answers. You were absolutely right. I duplicated the
command object on the server-side and it all started working just
fine. Passing the command object was a bad design because it was an
afterthought and I am now modifying the code so that my business logic
resides in the remote object removing the need for passing command
objects or SQL to execute from the client.
Thanks for your help.
Ali
[quoted text, click to view] Sunny <sunny@newsgroups.nospam> wrote in message news:<OefwupScEHA.3096@tk2msftngp13.phx.gbl>...
> Hi,
>
> You are passing SqlCommand object as parameter. SqlCommand is MBR, so only a
> reference to the client object is passed, not the actual object. When you
> invoke DataAdapter.Fill, it tries to use remoted command object. You may
> pass only the command string, and to create the command object at server
> side.
>
> Out of topic:
> Actually, I would avoid execution of any SQL command, passed from a client.
> A malicious client can send "ANY" command, which affects the security of
> the database.
>
> Sunny
>
> Ali wrote:
>
> > This is the method on the server-side:
> >
> > public virtual DataTable LoadDataTableFromDB(DALArgs args, string
> > tableName, SqlCommand sqlCmd) {
> > DataTable dt = new DataTable(tableName);
> > try {
> > InitializeConnection(args);
> > if (cmd.Connection == null) {
> > cmd.Connection = (SqlConnection)Connection;
> > }
> > SqlDataAdapter da = new SqlDataAdapter(cmd);
> > da.Fill(dt);
> > return dt;
> > }
> > catch(System.InvalidOperationException ex) {
> > ReportException(ex, this, "LoadDataTableFromDB(string,
> > SqlCommand)\n" +
> > "Command text: " + ((cmd == null) ? string.Empty :
> > cmd.CommandText));
> > return null;
> > }
> > catch(System.Data.SqlClient.SqlException ex) {
> > ReportException(ex, this, "LoadDataTableFromDB(string,
> > SqlCommand)\n" +
> > "Command text: " + ((cmd == null) ? string.Empty :
> > cmd.CommandText));
> > return null;
> > }
> > }
> >
> > Sunny <sunny@newsgroups.nospam> wrote in message
> > news:<ujTPwV5bEHA.368@TK2MSFTNGP10.phx.gbl>...
> >> Do I understand you correctly that these lines are in the server object?
> >> And what about myDataTable? is it on the server as well, or it is passed
> >> as out parameter to the method?
> >>
> >> Sunny
> >>
> >> Ali wrote:
> >>
> >> > Hi,
> >> > I am trying to call a method on an SAO which contains the following
> >> > lines of code:
> >> > .....lines removed.....
> >> > SqlDataAdapter da = new SqlDataAdapter(cmd);
> >> > da.Fill(myDataTable); // Exception is thrown here
> >> > .....lines removed.....
> >> > An exception gets thrown at da.Fill, reading:
> >> > ***begin exception text***
> >> > Got an exception Permission denied: cannot call non-public or static
> >> > methods remotely.
> >> > ***end exception text***
> >> >
> >> > Fill is not a static or non-public method at all. What is going on
> >> > with this?
> >> >
> >> > Is this not allowed while remoting? Is there a workaround?
> >> >
> >> > Thanks,
> >> >
Don't see what you're looking for? Try a search.
