Can dependentAssembly work with change to publicKeyToken? RRS feed

  • Question

  • I reference a third party dll (A) through a different third party dll (B).  After recieving an update to dll A, I used a dependentAssembly tag in the config file to make sure dll B is using the updated dll. 

            <assemblyIdentity name="A" publicKeyToken="Original A token" culture="neutral"/>
            <bindingRedirect oldVersion="" newVersion=""/>

    Now I have yet another update to dll A, but this time the publicKeyToken has changed.

            <assemblyIdentity name="A" publicKeyToken="New A token" culture="neutral"/>
            <bindingRedirect oldVersion="" newVersion=""/>

    Using the new publicKeyToken does not seem to work, as my code refrencing dll B does not compile.  Is there a way to force dll B to pick up the newest version of dll A, even though the publicKeyToken has changed?

    Friday, November 20, 2009 10:30 PM


  • Hi Eric,

    Thanks for your post.

    DependentAssembly doesn't support redirect to assemblies with different PublicKeyToken. This is because of the strong name mechanism. Otherwise, malicious user can use their own DLL to replace the referenced DLL by modifying the config file.

    In this situation, the only solution is asking the third party company to rebuilding DLL B with new version of A's DLL with different token.

    For more information, please read: http://msdn.microsoft.com/en-us/magazine/cc163583.aspx

    Hope it helps.


    Hongye Sun [MSFT]
    MSDN Subscriber Support in Forum
    If you have any feedback on our support, please contact msdnmg @ microsoft.com

    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    Welcome to the All-In-One Code Framework! If you have any feedback, please tell us.
    • Marked as answer by Eric3333 Monday, November 23, 2009 1:54 PM
    Monday, November 23, 2009 6:40 AM