locked
Request for principal permission failed RRS feed

  • Question

  • User-626088549 posted

    I just upgraded our solution to .NET 4.0 from 3.5. Now, when I run on my local machine I get the error in the subject with the follow stack trace:

    [SecurityException: Request for principal permission failed.] System.Security.Permissions.PrincipalPermission.ThrowSecurityException() +3063281 System.Security.Permissions.PrincipalPermission.Demand() +419 System.Security.PermissionSet.DemandNonCAS() +117 Default..ctor() +46 ASP.default_aspx..ctor() in c:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\portal2\cd038864\2f003115\App_Web_nnaicimo.1.cs:0 __ASP.FastObjectFactory_app_web_nnaicimo.Create_ASP_default_aspx() in c:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\portal2\cd038864\2f003115\App_Web_nnaicimo.7.cs:0 System.Web.Compilation.BuildResultCompiledType.CreateInstance() +30 System.Web.Compilation.BuildManager.CreateInstanceFromVirtualPath(VirtualPath virtualPath, Type requiredBaseType, HttpContext context, Boolean allowCrossApp) +100 System.Web.UI.PageHandlerFactory.GetHandlerHelper(HttpContext context, String requestType, VirtualPath virtualPath, String physicalPath) +31 System.Web.UI.PageHandlerFactory.System.Web.IHttpHandlerFactory2.GetHandler(HttpContext context, String requestType, VirtualPath virtualPath, String physicalPath) +64 System.Web.HttpApplication.MapHttpHandler(HttpContext context, String requestType, VirtualPath path, String pathTranslated, Boolean useAppConfig) +191 System.Web.MapHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +145 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +155

    Any idea why this problem arises after the conversion?

    Thanks,

    Wednesday, September 17, 2014 10:46 AM

Answers

  • User-626088549 posted

    I was able to figure this out. It had to do with the built-in web server in Visual Studio requiring the older web.config entries for httpModules instead of the modules entries under the system.webServer section.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, September 18, 2014 8:32 AM

All replies

  • User-484054684 posted

    You might need to cross check the following:

    1. AppPool user is correct and has right permissions.

    2. marking Trust level to full in web.config to see if this is causing the issue. <trust level="Full" />

    3. Verify the <authentication tags to get the clue of which user is running the piece.

    Reference: http://stackoverflow.com/questions/8812926/system-security-securityexception-request-for-principal-permission-failed

    Wednesday, September 17, 2014 11:00 AM
  • User-626088549 posted

    1. This is running on localhost Cassini web server.

    2. Just tried that, didn't help.

    3. authentcation is set to none as we use a custom HttpModule. Though, it seems the modules are not executing.

    Wednesday, September 17, 2014 11:04 AM
  • User-484054684 posted

    Are you using ASP.NET Membership?

    Wednesday, September 17, 2014 11:17 AM
  • User-626088549 posted

    We are not. It's a custom authentication mechanism that builds a cookie like this:

                    FormsAuthenticationTicket ticket =
                        MyAuthenticationFilter.CreateFormsAuthenticationTicketFromPrincipal(authenticatedPrincipal);
    
                    string encryptedTicket = FormsAuthentication.Encrypt(ticket);
                    HttpCookie cookie = new HttpCookie(MyAuthenticationFilter.My_AUTH_PRINCIPAL_COOKIE_NAME, encryptedTicket);
                    app.Context.Response.Cookies.Add(cookie);
    
                    app.Context.User = authenticatedPrincipal;

    Wednesday, September 17, 2014 11:23 AM
  • User-484054684 posted

    Ok, I don't see any other clues at the moment other than the ones I mentioned.

    I would let the other experts in this forum to share any other clues.

    Wednesday, September 17, 2014 2:59 PM
  • User465171450 posted

    Make sure you have an appropriate <authentication> element to your web.config. Even if you are rolling your own it should require this for the forms authentication ticket.

    Wednesday, September 17, 2014 3:01 PM
  • User-626088549 posted

    Make sure you have an appropriate <authentication> element to your web.config. Even if you are rolling your own it should require this for the forms authentication ticket.

    There is one:

    <authentication mode="None" />

    It's been that way for years and has worked fine. It's only when I updated to 4.0 that I've had this problem, which is why I'm so boggled.

    Wednesday, September 17, 2014 3:09 PM
  • User-484054684 posted

    Pleaes check if there are any assemblies that were signed before and forgot to sign during the upgradation?

    Reference: http://stackoverflow.com/a/12784796

    Also came across this thread, if impersonalization accounts are creating the problem for you.

    http://forums.asp.net/t/1486937.aspx?Security+Exception+Handling+in+Global+asax+does+not+work+on+IIS

    Wednesday, September 17, 2014 3:25 PM
  • User-626088549 posted

    I was able to figure this out. It had to do with the built-in web server in Visual Studio requiring the older web.config entries for httpModules instead of the modules entries under the system.webServer section.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, September 18, 2014 8:32 AM