我们在 Windows 服务中托管 WCF 服务 (.NET 4.0)。它在大多数机器上运行得很好,但在某些机器上它会抛出以下异常:“错误:为 system.serviceModel/bindings 创建配置节处理程序时发生错误:该程序集不允许部分受信任的调用者。” (完整的堆栈跟踪位于本文的底部)
在部分受信任的环境中,这种异常似乎是预料之中的,但据我们所知,我们正在(或应该)在完全信任下运行:
- 一切都安装在本地 C:\ 驱动器上
- Windows 服务在管理员帐户下运行
- 未设置软件限制策略
- 我们还没有做任何事情来明确地在中等信任下运行
事实证明,当我们从 app.config 中删除绑定部分(并在代码中进行配置)时,一切都会正常工作。只是读取导致问题的配置部分。
问题:
- 那么什么可能导致这个安全异常呢?
- 我们如何判断我们是否确实在完全信任的情况下运行?
- 我们需要更改哪些计算机设置或配置选项才能避免这种安全异常?
任何帮助表示赞赏
这是堆栈跟踪:
Connect.Host.Connect.InitializeServiceHost(:0) Connect.Host.Connect.InitializeServiceHost(:0) [(null)] - Error: An error occurred creating the configuration section handler for system.serviceModel/bindings: That assembly does not allow partially trusted callers. (C:\Connect\MyApp\Host\Connect.Host.exe.Config line 54), stacktrace: at System.Configuration.BaseConfigurationRecord.EvaluateOne(String[] keys, SectionInput input, Boolean isTrusted, FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentResult)
at System.Configuration.BaseConfigurationRecord.Evaluate(FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentResult, Boolean getLkg, Boolean getRuntimeObject, Object& result, Object& resultRuntimeObject)
at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
at System.Configuration.BaseConfigurationRecord.GetSection(String configKey)
at System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(String sectionName)
at System.Configuration.ConfigurationManager.GetSection(String sectionName)
at System.ServiceModel.Activation.AspNetEnvironment.UnsafeGetSectionFromConfigurationManager(String sectionPath)
at System.ServiceModel.Activation.AspNetEnvironment.UnsafeGetConfigurationSection(String sectionPath)
at System.ServiceModel.Configuration.ConfigurationHelpers.UnsafeGetAssociatedSection(ContextInformation evalContext, String sectionPath)
at System.ServiceModel.Description.ConfigLoader.LookupChannel(ContextInformation configurationContext, String configurationName, ContractDescription contract, EndpointAddress address, Boolean wildcard, Boolean useChannelElementKind, ServiceEndpoint& serviceEndpoint)
at System.ServiceModel.ChannelFactory.InitializeEndpoint(String configurationName, EndpointAddress address)
at System.ServiceModel.ChannelFactory`1..ctor(String endpointConfigurationName, EndpointAddress remoteAddress)
at System.ServiceModel.EndpointTrait`1.CreateSimplexFactory()
at System.ServiceModel.ClientBase`1.CreateChannelFactoryRef(EndpointTrait`1 endpointTrait)
at System.ServiceModel.ClientBase`1.InitializeChannelFactoryRef()
at System.ServiceModel.ClientBase`1..ctor()
at Connect.BL.EndpointManager.RegisterEndpoint(Int32 endpointId)
at Connect.Host.Connect.InitializeServiceHost() for endpoint 0