stackoom
  简体   繁体   中英

Web.config anonymousIdentification cookieName via Code in Medium Trust?

 原文  2012-12-26 17:24:38       asp.net/ web-config/ webconfigurationmanager

Question

Is there an easy way to read the cookieName from the web.config for the anonymousIdentification section while working in Medium Trust?

What I'm trying to do is prevent the creation of thousands of Anonymous users because either:

  1. people have cookies turned off, or
  2. the visitor is a spider/bot without cookie capabilities.

How I'm attempting to accomplish this is by checking for the presence of either the Forms Authentication or Anonymous Identification cookies in Application_BeginRequest. If there is no cookie, I set a flag that will prevent the saving of anything to the database.

But in order to do that I must know the names of the cookies. For that, I attempted to do this: 

AuthCookieName = FormsAuthentication.FormsCookieName;
var anonSection = (AnonymousIdentificationSection)WebConfigurationManager.GetSection("system.web/anonymousIdentification");
if (anonSection != null)
    AnonCookieName = anonSection.CookieName;

While the auth cookie name is retrieved without any problems, the WebConfigurationManager throws the security exception: System.Security.SecurityException: Request for the permission of type 'System.Configuration.ConfigurationPermission, System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' failed.

I know this is a trust issue because when I give High or Full Trust the exception goes away. However, it is important this works in Medium Trust, and I cannot modify the machine.config.

Is there a way to set requirePermission="false" at the web.config level of my application for the anonymousIdentification section?

Am I going to have to load the web.config in an XML document and parse it out manually?

Other ideas?

Is there something better than this? I'm only running once on Application_Start() . 

XmlDocument config = new XmlDocument();
config.Load(Server.MapPath("~/Web.config"));
XmlNode anonSection = config.SelectSingleNode("configuration/system.web/anonymousIdentification");
if (anonSection != null)
{
    XmlAttribute nameAttr = anonSection.Attributes["cookieName"];
    if (nameAttr != null)
        AnonCookieName = nameAttr.Value;
}
if (string.IsNullOrWhiteSpace(AnonCookieName))
    AnonCookieName = ".ASPXANONYMOUS";

1 answers

solution1
 0 ACCPTED  2014-02-04 21:59:48

According to Microsoft, Medium Trust is dead. But if you have to do it, this should work: 

XmlDocument config = new XmlDocument();
config.Load(Server.MapPath("~/Web.config"));
XmlNode anonSection = config.SelectSingleNode("configuration/system.web/anonymousIdentification");
if (anonSection != null)
{
    XmlAttribute nameAttr = anonSection.Attributes["cookieName"];
    if (nameAttr != null)
        AnonCookieName = nameAttr.Value;
}
if (string.IsNullOrWhiteSpace(AnonCookieName))
    AnonCookieName = ".ASPXANONYMOUS";

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to write to Web.Config in Medium Trust? web.config forms authentication, cookiename Encrypt and Save the ASP.NET ConnectionString within the web.config using Medium Trust? Reading system.net/mailSettings/smtp from Web.config in Medium trust environment Setting Trust Level in web.config How can I Set “cookieName” attribute of the “sessionState” XML element in my web.config programatically Compiling Code in Medium Trust Control IIS Caching via Web.config How to enable SessionStateTempDataProvider via Web.config? Disable HTTP Access via web.config
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM