Programming Microsoft ASP.NET 4 - Dino Esposito [411]
to files is still ruled by the NTFS access control list on the resource. High-trust applications have unrestricted access to Microsoft SQL Server but not, for example, to OLE DB classes. (The OleDbPermission and other managed provider permissions are denied to all but fully trusted applications.) Reflection calls are denied, with the exception of those directed at classes in the System.Reflection.Emit namespace.

Medium-trust applications have unrestricted access to SQL Server, but only as long as they don’t use blank passwords for accounts. The WebPermission is granted to both medium-trust and low-trust applications, but only for the URL configured in the <trust> section of web.config through the originUrl attribute; HTTP requests to any other URL are denied. Low-trust applications have read-only permission for files in their application directories. Isolated storage is still permitted, but limited to a 1-MB quota.

A rule of thumb is that Medium trust should be fine for most ASP.NET applications, and applying it shouldn’t cause significant headaches, provided that you don’t need to access legacy Component Object Model (COM) objects or databases exposed via OLE DB providers. However, there are a few common situations in which adapting an application to Medium trust requires some configuration work. A popular example is getting NHibernate to work in a Medium-trust environment. (See http://blog.yeticode.co.uk/2010/03/running-nhibernate-in-medium-trust for details.)
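As an added example (not configuration from the book), here is how a hosting administrator would pin the trust level for every application on a server in the machine-level web.config. The host name in originUrl is a placeholder; the attribute is a regular expression that the policy file substitutes for its $OriginHost$ token, so it should be anchored and escaped like one.

```xml
<?xml version="1.0"?>
<!-- Machine-level web.config, for example
     %windir%\Microsoft.NET\Framework\v4.0.30319\Config\web.config.
     Hypothetical lockdown for shared hosting; not from the book. -->
<configuration>
  <!-- allowOverride="false" prevents any application's own web.config
       from raising its trust level back to Full. -->
  <location allowOverride="false">
    <system.web>
      <!-- The default is Full, which lets every application call any API
           the worker process identity can reach. Medium removes unmanaged
           code, registry and out-of-AppDir file access, among others.
           originUrl is copied into the WebPermission ConnectAccess URI in
           web_mediumtrust.config, so only this endpoint is reachable. -->
      <trust level="Medium" originUrl="^https://api\.example\.com/.*$" />
    </system.web>
  </location>
</configuration>
```

With originUrl left empty, Medium-trust code gets no outbound WebPermission at all, which is the safer default for applications that never call out; NTFS ACLs and the worker-process identity still apply on top of whatever the trust level grants.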

Granting Privileges Beyond the Trust Level


What if one of the tasks to perform requires privileges that the trust level doesn’t grant? There are two basic approaches. The simplest approach is to customize the policy file for the trust level and add any permissions you need. The solution is easy to implement and doesn’t require code changes. It does require administrator rights to edit the security policy files. From a pure security perspective, it is not a great solution, because you’re granting to the whole application the permissions that only a particular method of a particular page or assembly needs; every other code path in the application, including one an attacker manages to subvert, gets them too.
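An added example of the first approach, not from the book, assuming a hypothetical trust level name MediumPlusReports and a report folder D:\Reports that one page must read. It registers a copy of web_mediumtrust.config as a new trust level and then widens only the single permission the task needs, rather than flipping the grant to Unrestricted.

```xml
<!-- Step 1: machine- or site-level web.config. Hypothetical names.
     web_reportstrust.config is a copy of web_mediumtrust.config placed
     in the same CONFIG folder; policyFile is resolved relative to it. -->
<configuration>
  <system.web>
    <securityPolicy>
      <trustLevel name="MediumPlusReports" policyFile="web_reportstrust.config" />
    </securityPolicy>
    <trust level="MediumPlusReports" originUrl="" />
  </system.web>
</configuration>

<!-- Step 2: inside web_reportstrust.config, in the "ASP.Net" named
     permission set, edit the existing FileIOPermission entry. Paths are a
     ';'-separated list; $AppDir$ is expanded by ASP.NET at load time.
     No SecurityClass change is needed because FileIOPermission is already
     declared in the Medium-trust policy file. -->
<PermissionSet class="NamedPermissionSet" version="1" Name="ASP.Net">
  <!-- other IPermission elements unchanged -->
  <IPermission class="FileIOPermission" version="1"
               Read="$AppDir$;D:\Reports"
               PathDiscovery="$AppDir$;D:\Reports"
               Write="$AppDir$"
               Append="$AppDir$" />
</PermissionSet>
```

Because the grant still applies to every page and assembly in the application (the book’s objection), keep it to the exact path and access the task needs: Read and PathDiscovery on one folder here, not Write, and not Unrestricted="true". The NTFS ACL on D:\Reports is checked in addition to this grant, so the worker-process account needs read access there as well.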

The second approach requires a bit of refactoring but leads to better and safer code. The idea is to sandbox the server-side code and make it delegate to external components (for example, serviced components or command-line programs) the execution of any tasks that exceed the application’s permission set. The external component is configured with the permissions the task requires, and ideally no more, while the web application itself stays within its trust level and only hands the component a narrowly defined request.

Note

Code sandboxing is the only option you have if your partially trusted ASP.NET application is trying to make calls into a strong-named assembly that doesn’t include the AllowPartiallyTrustedCallers attribute: without that attribute, the runtime requires full trust of every caller. For more information on programming for medium trust, check out the contents at the following URL: http://msdn2.microsoft.com/en-us/library/ms998341.aspx. In spite of the title, which refers to ASP.NET 2.0, the content is still up to date.

ASP.NET Authentication Methods


Depending on the type of the requested resource, IIS might or might not be able to handle the request itself. If the resource needs the involvement of ASP.NET (for example, it is an .aspx file), IIS hands the request over to ASP.NET along with the security token of the authenticated, or anonymous, user. What happens next depends on the ASP.NET configuration.

Originally, ASP.NET supported three authentication modes: Windows, Passport, and Forms. A fourth possibility is None, meaning that ASP.NET does not even attempt to perform its own authentication and relies completely on the authentication already carried out by IIS. In this case, anonymous users can connect, and resources are accessed under the default ASP.NET process account. In ASP.NET 4, Passport authentication is marked as obsolete. It has largely been superseded by OAuth; your Windows Live ID, for example, can be used through OAuth.

You choose the ASP.NET authentication mechanism using the <authentication> section in the root web.config file. Child subdirectories inherit the authentication mode chosen for the application and cannot override it: the section is valid only at machine, site, and application level, and a web.config in a subdirectory that declares it causes a configuration error. By default, the authentication mode is set to Windows. Let’s briefly examine
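An added example (not the book’s configuration) that goes one step beyond the paragraph: it switches the mode from the default Windows to Forms and pairs it with the <authorization> section, because selecting an authentication mode by itself establishes who the caller is but denies no one access. The login page path and cookie name are placeholders.

```xml
<?xml version="1.0"?>
<!-- Application root web.config. Hypothetical paths and names. -->
<configuration>
  <system.web>
    <!-- Windows is the default; Forms suits an Internet-facing application
         whose users are not domain accounts. -->
    <authentication mode="Forms">
      <forms loginUrl="~/Account/Login.aspx"
             name=".EXAMPLEAUTH"
             timeout="20"
             slidingExpiration="false"
             requireSSL="true"
             cookieless="UseCookies"
             protection="All" />
    </authentication>
    <!-- Authorization is separate from authentication: deny anonymous
         callers ("?") across the application ... -->
    <authorization>
      <deny users="?" />
    </authorization>
  </system.web>
  <!-- ... then reopen only the login page, so unauthenticated users can
       reach it and nothing else. -->
  <location path="Account/Login.aspx">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>
</configuration>
```

requireSSL="true" marks the ticket cookie Secure so it is never sent over plain HTTP, slidingExpiration="false" gives the ticket a fixed lifetime instead of renewing it on every request, and protection="All" (the default, shown explicitly) keeps the ticket both encrypted and integrity-checked. If mode were None, the <authorization> rules would still run, but the only identity they could see is whatever IIS established.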
