
CLR User-Defined function security exception

I created a CLR user-defined function to look up the latitude and longitude of a location using Google geocoding. The function is as follows:

using System;
using System.Net;
using System.Xml.XPath;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Text.RegularExpressions;
using System.Threading;
using System.Data.SqlClient;
using System.Data.SqlTypes;
using Microsoft.SqlServer.Server;

public partial class latlong
{
[Microsoft.SqlServer.Server.SqlFunction]
public static SqlString GetLatLong(string address, string city, string state, string zip)
{
    string latitude = "#NA", longitude = "#NA";
    string url = "http://maps.googleapis.com/maps/api/geocode/xml?address=";
    string[] addresssplit = Regex.Split(address, @"\W+");
    if (address != "NULL")
        for (int i = 0; i < addresssplit.Length; i++)
            url = url + addresssplit[i] + "+";
    if (city != "NULL")
    {
        if (state != "NULL")
        {
            if (zip != "NULL") url = url + city + "+" + state + "+" + zip;
            else url = url + city + "+" + state;
        }
        else
        {
            if (zip!= "NULL") url = url + city + "+" + zip;
            else url = url + city;
        }
    }
    else
    {
        if (state != "NULL")
        {
            if (zip != "NULL") url = url + state + "+" + zip;
            else url = url + state;
        }
        else
        {
            if (zip != "NULL") url = url + zip;
        }
    }
    url = url + "&sensor=false";

    WebResponse response = null;
    HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
    request.Method = "GET";
    response = request.GetResponse();
    if (response != null)
    {
        XPathDocument document = new XPathDocument(response.GetResponseStream());
        XPathNavigator navigator = document.CreateNavigator();
        XPathNodeIterator statusIterator = navigator.Select("/GeocodeResponse/status");
        while (statusIterator.MoveNext())
            if (statusIterator.Current.Value != "OK")
            {
                Thread.Sleep(1000);
                return new SqlString("OQL, OQL");
            }
        XPathNodeIterator resultIterator = navigator.Select("/GeocodeResponse/result");
        while (resultIterator.MoveNext())
        {
            XPathNodeIterator geometryIterator = resultIterator.Current.Select("geometry");
            while (geometryIterator.MoveNext())
            {
                XPathNodeIterator locationIterator = geometryIterator.Current.Select("location");
                while (locationIterator.MoveNext())
                {
                    XPathNodeIterator latIterator = locationIterator.Current.Select("lat");
                    while (latIterator.MoveNext())
                        latitude = latIterator.Current.Value;
                    // Google's geocode XML names the longitude element "lng", not "long".
                    XPathNodeIterator longIterator = locationIterator.Current.Select("lng");
                    while (longIterator.MoveNext())
                        longitude = longIterator.Current.Value;
                }
            }
        }
    }
    Thread.Sleep(1000);
    return new SqlString(latitude + ", " + longitude);
}
}

I have built and deployed the function successfully. So I tried to execute the function in SQL Server as follows:

SELECT dba.dbo.GetLatLong('3366 Cherry Avenue','Zion','WI','54963')

When I do this, the following security exception is thrown:

A .NET Framework error occurred during execution of user-defined routine or aggregate "GetLatLong": 
System.Security.SecurityException: Request for the permission of type 'System.Net.WebPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
System.Security.SecurityException: 
at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet)
at System.Security.CodeAccessPermission.Demand()
at System.Net.HttpWebRequest..ctor(Uri uri, ServicePoint servicePoint)
at System.Net.HttpRequestCreator.Create(Uri Uri)
at System.Net.WebRequest.Create(Uri requestUri, Boolean useUriBase)
at latlong.GetLatLong(String address, String city, String state, String zip).

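I can see that there is a problem with security permissions. But beyond that, I can't see a way to resolve the exception.

Any help is appreciated.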

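To make network requests from SQL CLR code, the assembly must be configured with the EXTERNAL_ACCESS permission. You can set the specified permission with the CREATE ASSEMBLY statement.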

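You need to declare your procedure with the EXTERNAL_ACCESS* permission:

EXTERNAL_ACCESS assemblies have the same permissions as SAFE assemblies, with the additional ability to access external system resources such as files, networks, environmental variables, and the registry.

(My emphasis)

*Or UNSAFE, but I'd say EXTERNAL_ACCESS unless or until you've proved that you actually need UNSAFE.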

Run in SQL:

ALTER DATABASE databasename SET TRUSTWORTHY ON
USE master
GO
grant external access assembly to [domain\computerusername]
grant external access assembly to sa
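
The last answer turns on TRUSTWORTHY for the whole database, which lets any code in that database act with the database owner's server-level rights; the same EXTERNAL_ACCESS result can be reached by signing the assembly and granting the permission to a login created from its key, with TRUSTWORTHY left off. The script below is an added example, not code from the question or the answers. The database name GeoDb, the DLL path, and the key and login names are assumptions, and the DLL is assumed to be strong-name signed.

```sql
-- Added example. Assumed names: database GeoDb, strong-name-signed DLL at
-- C:\clr\latlong.dll, key LatLongKey, login LatLongClrLogin.

USE master;
GO
-- 1. Import the public key of the signed DLL into master.
CREATE ASYMMETRIC KEY LatLongKey
    FROM EXECUTABLE FILE = 'C:\clr\latlong.dll';
GO
-- 2. Create a login from that key. Nobody can connect with it;
--    it exists only to carry the server-level permission.
CREATE LOGIN LatLongClrLogin FROM ASYMMETRIC KEY LatLongKey;
GO
-- 3. Grant only what the assembly needs (EXTERNAL ACCESS, not UNSAFE).
GRANT EXTERNAL ACCESS ASSEMBLY TO LatLongClrLogin;
GO

-- 4. Keep the database untrusted.
ALTER DATABASE GeoDb SET TRUSTWORTHY OFF;
GO

USE GeoDb;
GO
-- 5. Register the assembly with the permission set that allows network access.
CREATE ASSEMBLY latlong
    FROM 'C:\clr\latlong.dll'
    WITH PERMISSION_SET = EXTERNAL_ACCESS;
GO
-- 6. Bind the T-SQL function to the CLR method (assembly.class.method).
CREATE FUNCTION dbo.GetLatLong
    (@address nvarchar(4000), @city nvarchar(4000),
     @state nvarchar(4000), @zip nvarchar(4000))
RETURNS nvarchar(4000)
AS EXTERNAL NAME latlong.latlong.GetLatLong;
GO

-- 7. Verify the outcome: EXTERNAL_ACCESS assembly, TRUSTWORTHY still off.
SELECT name, permission_set_desc
FROM sys.assemblies
WHERE name = 'latlong';

SELECT name, is_trustworthy_on
FROM sys.databases
WHERE name = 'GeoDb';
```

On SQL Server 2017 and later with `clr strict security` enabled (the default), assemblies are treated as UNSAFE regardless of the declared permission set, so the key-based login needs UNSAFE ASSEMBLY instead.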


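Statement: The technical posts on this site follow the CC BY-SA 4.0 license. If you need to repost, please cite this site's URL or the original address. For any questions, contact: yoyou2525@163.com.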

 