Login
Back to all discussion topics

Mono Support Database install on MS SQL Server 2008 failes 

Viewed 210872 time(s), 24 post(s), 10/17/2012 12:59:55 PM - by JanReilink

Related topics

khorvat
khorvat
10/26/2012 8:20:37 PM
15993 Reputation 2214 Total posts

We have amend the installation scripts so JanReilink please go ahead and retry to install the latest MonoX nightly build.

Regards

11
JanReilink
JanReilink
10/29/2012 10:22:17 AM
66 Reputation 11 Total posts

Thank Khorvat. I downloaded the nightly build, but it gives me a Security Exception I can't get past:

<!--
[SecurityException]: Request for the permission of type 'System.Configuration.ConfigurationPermission, System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' failed.
   at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet)
   at System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission cap, StackCrawlMark& stackMark)
   at System.Security.CodeAccessPermission.Demand()
   at System.Configuration.BaseConfigurationRecord.CheckPermissionAllowed(String configKey, Boolean requirePermission, Boolean isTrustedWithoutAptca)
[SecurityException]: Request for ConfigurationPermission failed while attempting to access configuration section 'system.web/authentication'. To allow all callers to access the data for this section, set section attribute 'requirePermission' equal 'false' in the configuration file where this section is declared.
   at System.Configuration.BaseConfigurationRecord.CheckPermissionAllowed(String configKey, Boolean requirePermission, Boolean isTrustedWithoutAptca)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
   at System.Configuration.BaseConfigurationRecord.GetSection(String configKey)
   at System.Web.HttpContext.GetSection(String sectionName)
   at System.Web.Configuration.HttpConfigurationSystem.GetSection(String sectionName)
   at System.Web.Configuration.WebConfigurationManager.GetSection(String sectionName)
   at Brickred.SocialAuth.NET.Core.Utility.GetAuthenticationMode()
   at Brickred.SocialAuth.NET.Core.Utility.GetAuthenticationOption()
   at Brickred.SocialAuth.NET.Core.SocialAuthHttpModule.context_PreRequestHandlerExecute(Object sender, EventArgs e)
   at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

which has to do with the permissions to access system.web/authentication

12
khorvat
khorvat
10/29/2012 10:43:29 AM
15993 Reputation 2214 Total posts

We have fixed this on our end, and you can fix it very easily on yours ... you just need to change the following:

From:
<section name="SocialAuthConfiguration" type="Brickred.SocialAuth.NET.Core.SocialAuthConfiguration, SocialAuth-net, Version=2.1.0.0, Culture=neutral, PublicKeyToken=null" allowDefinition="Everywhere" allowLocation="true" />
 
To:
<section name="SocialAuthConfiguration" type="Brickred.SocialAuth.NET.Core.SocialAuthConfiguration, SocialAuth-net, Version=2.1.0.0, Culture=neutral, PublicKeyToken=null" requirePermission="false" allowDefinition="Everywhere" allowLocation="true" />
Regards

13
JanReilink
JanReilink
10/29/2012 11:06:12 AM
66 Reputation 11 Total posts

Thanks.

I'm sorry, I didn't mention I already added the requirePermission="false" to the SocialAuthConfiguration key. The exception remains the same:

Server Error in '/monox' Application.
 
Security Exception
 
Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
 
Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Configuration.ConfigurationPermission, System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' failed.
 
Source Error:
 
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
 
Stack Trace:
 
 
[SecurityException: Request for the permission of type 'System.Configuration.ConfigurationPermission, System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' failed.]
   System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) +0
   System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission cap, StackCrawlMark& stackMark) +31
   System.Security.CodeAccessPermission.Demand() +46
   System.Configuration.BaseConfigurationRecord.CheckPermissionAllowed(String configKey, Boolean requirePermission, Boolean isTrustedWithoutAptca) +99
 
Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.272
 
<!--
[SecurityException]: Request for the permission of type 'System.Configuration.ConfigurationPermission, System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' failed.
   at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet)
   at System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission cap, StackCrawlMark& stackMark)
   at System.Security.CodeAccessPermission.Demand()
   at System.Configuration.BaseConfigurationRecord.CheckPermissionAllowed(String configKey, Boolean requirePermission, Boolean isTrustedWithoutAptca)
[SecurityException]: Request for ConfigurationPermission failed while attempting to access configuration section 'system.web/authentication'. To allow all callers to access the data for this section, set section attribute 'requirePermission' equal 'false' in the configuration file where this section is declared.
   at System.Configuration.BaseConfigurationRecord.CheckPermissionAllowed(String configKey, Boolean requirePermission, Boolean isTrustedWithoutAptca)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
   at System.Configuration.BaseConfigurationRecord.GetSection(String configKey)
   at System.Web.HttpContext.GetSection(String sectionName)
   at System.Web.Configuration.HttpConfigurationSystem.GetSection(String sectionName)
   at System.Web.Configuration.WebConfigurationManager.GetSection(String sectionName)
   at Brickred.SocialAuth.NET.Core.Utility.GetAuthenticationMode()
   at Brickred.SocialAuth.NET.Core.Utility.GetAuthenticationOption()
   at Brickred.SocialAuth.NET.Core.SocialAuthHttpModule.context_PreRequestHandlerExecute(Object sender, EventArgs e)
   at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->
PS: I also commented some settings which aren't allowed in a default (allowOverride="false") set-up:

<!--
  <securityPolicy>
   <trustLevel name="MediumMonoX" policyFile="web_mediumtrust.monox.config" />
  </securityPolicy>
  <trust level="Full" legacyCasModel="true" />
-->
<!-- httpRuntime maxRequestLength="1550000" enableVersionHeader="false" / -->
<!-- urlCompression doStaticCompression="true" doDynamicCompression="true" / -->
This last one (urlCompression) is not configurable for web-users in our IIS set-up

14
JanReilink
JanReilink
11/26/2012 4:14:12 PM
66 Reputation 11 Total posts

Hi,

Hereby an update (maybe a new post would be better, my apologies for the inconvenience).

Today I downloaded the nightly build v4.7.40.4049. I did manage to get it installed(!), but with a lot of changes to the web.config and that left me a non functional website. An overview:

* Above mentioned web.config changes are still necessary (securityPolicy, httpRuntime, urlCompression) in our set up.
* You cannot use a database with a dash (-) in the name. The dash and everything after gets stripped off. So a database name foobar-123 will become foobar, which can't be found during installation.
* Telerik.Web.UI, Version=2011.1.322.40 doesn't function on Windows Server 2012 / IIS 8.0. I managed to fix this by fetching a new version and redirecting the version number in web.config:

<runtime>
  <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
    <dependentAssembly>
      <assemblyIdentity name="Telerik.Web.UI" publicKeyToken="121fae78165ba3d4" culture="neutral" />
      <bindingRedirect oldVersion="0.0.0.0-2011.1.322.40" newVersion="2012.3.1016.45" />
    </dependentAssembly>
  </assemblyBinding>
</runtime>
* to get MonoX to install in medium trust, I had to disable SocialAuthConfiguration / Brickred.SocialAuth.* in the web.config, which would throw the following Exception:

<!--
[SecurityException]: Request for the permission of type 'System.Configuration.ConfigurationPermission, System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' failed.
   at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet)
   at System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission cap, StackCrawlMark& stackMark)
   at System.Security.CodeAccessPermission.Demand()
   at System.Configuration.BaseConfigurationRecord.CheckPermissionAllowed(String configKey, Boolean requirePermission, Boolean isTrustedWithoutAptca)
[SecurityException]: Request for ConfigurationPermission failed while attempting to access configuration section 'system.web/authentication'. To allow all callers to access the data for this section, set section attribute 'requirePermission' equal 'false' in the configuration file where this section is declared.
   at System.Configuration.BaseConfigurationRecord.CheckPermissionAllowed(String configKey, Boolean requirePermission, Boolean isTrustedWithoutAptca)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
   at System.Configuration.BaseConfigurationRecord.GetSection(String configKey)
   at System.Web.HttpContext.GetSection(String sectionName)
   at System.Web.Configuration.HttpConfigurationSystem.GetSection(String sectionName)
   at System.Web.Configuration.WebConfigurationManager.GetSection(String sectionName)
   at Brickred.SocialAuth.NET.Core.Utility.GetAuthenticationMode()
   at Brickred.SocialAuth.NET.Core.Utility.GetAuthenticationOption()
   at Brickred.SocialAuth.NET.Core.SocialAuthHttpModule.context_PreRequestHandlerExecute(Object sender, EventArgs e)
   at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->
and this leaves me with a non functional site after installing. There is a redirect loop:
/login.aspx?ReturnUrl=%2f%26unauthorized%3dTrue%26unauthorized%3dTrue%26

Transferring the website to a Windows Server 2008 / IIS 7.5 webserver doesn't resolve this issue. On IIS 7.5 I also have to comment everything related to HttpCompress:

<!-- <section name="HttpCompress" type="MonoSoftware.Web.WAO.HttpCompress.Configuration.HttpCompressConfiguration, MonoSoftware.Web.WAO" requirePermission="false" /> -->
 
    <HttpCompress turnedOn="true" defaultProvider="Deflate" useCaching="true">
      <providers>
        <clear />
        <!--compressionLevel="high|normal|low|none"-->
        <!--Note: If you use None as compression level you will turn off the http compressions-->
        <add name="Deflate" type="MonoSoftware.Web.WAO.HttpCompress.Providers.DeflateProvider, MonoSoftware.Web.WAO" customProperties="CompressionLevel=High;" />
        <add name="GZip" type="MonoSoftware.Web.WAO.HttpCompress.Providers.GZipProvider, MonoSoftware.Web.WAO" customProperties="CompressionLevel=High;" />
      </providers>
      <ExcludedMimeTypes>
        <clear />
        <add name="png" type="image/png" />
        <add name="jpeg" type="image/jpeg" />
        <add name="gif" type="image/gif" />
[...]
      </ExcludedPaths>
    </HttpCompress>
 
<!-- <add name="CompressionModule" type="MonoSoftware.Web.WAO.HttpCompress.HttpCompressModule, MonoSoftware.Web.WAO" /> -->
(and so on).

Google Chrome then gives me the error: Fout 310 (net::ERR_TOO_MANY_REDIRECTS)

15
khorvat
khorvat
12/3/2012 9:21:30 PM
15993 Reputation 2214 Total posts

Hi,

we will review everything and get back you ASAP.

Thanks for the feedback.

16
khorvat
khorvat
12/3/2012 9:29:08 PM
15993 Reputation 2214 Total posts

Hi,

we have been working on your issue and it seems to us that you have very strict security policy on your server. We have installed MonoX on Windows 2012 without any issues and in case you need to install MonoX in medium trust then you need to use the security policy section you commented out:

<securityPolicy>
   <trustLevel name="MediumMonoX" policyFile="web_mediumtrust.monox.config" />
</securityPolicy>
  <trust level="Full" legacyCasModel="true" />
So you need to switch to MediumMonoX trust level, we are still investigating some of the issues you had, and some of them are fixed. FYI Nightly build scheduled for Wednesday will have upgraded version of Telerik library.

Can you give us some more information about your environment ?
 
Thanks

17
JanReilink
JanReilink
12/4/2012 6:31:55 AM
66 Reputation 11 Total posts

Hi,

Thanks for your reply. Our .NET security policy is quite common among shared hosting providers (GoDaddy for instance). It's a modification of the web_mediumtrust.config, in which extra permissions are added. I cannot load another policy file in my webapplication because of <location allowOverride="false"> for <system.web><securityPolicy></securityPolicy><trust level ... />.

The most important and modified settings are:

WebPermission: Unrestricted="true"
OleDbPermission: Unrestricted="true"
OdbcPermission: Unrestricted="true"
MySqlClientPermission: Unrestricted="true"
SocketPermissoin: Unrestricted="true"
ReflectionPermission: Flags="RestrictedMemberAccess"
FileIOPermission: Read, PathDiscovery, Write and Append in $AppDir$

In IIS, users don't have permission to set up urlCompression.

PS: Microsoft did make some changes to the .NET Framework, on what seems to be ReflectionPermission related because a lot of (older) web applications broke down after Patch Tuesday (Nov 13th 2012).

Just let me know if you need more information.

18
khorvat
khorvat
12/4/2012 11:55:14 AM
15993 Reputation 2214 Total posts

Thanks for the feedback, is it possible for you to send us your "web_mediumtrust.monox.config" for comparison ? You can post it here or if this is inconvenient for you you can send it by InMail.

Thanks

19
JanReilink
JanReilink
12/13/2012 3:43:14 PM
66 Reputation 11 Total posts

Hi Khorvat,

Just noticed this reply (didn't receive an e-mail notification). To what e-mail address can I send our .NET configuration files (web.config, machine.config if necessary, web_mediumtrust.config and MonoX's web_mediumtrust.monox.config)?

Regards,
Jan

20
1 2 3
This is a demo site for MonoX. Please visit Mono Software for more info.