Step 3 (Optional): Set Special Security Attributes

  • Article

ASP.NET Web Parts that you store in the bin directory have some special constraints for security. You can choose whether to set special security attributes for your filter Web Part, depending on how you plan to use it.

The bin directory is a partial trust location, and thus, your Web Part does not automatically grant full trust code permissions when it is executed. Because the code that calls into your Web Part will be granted only partial trust permissions, your ASP.NET Web Part needs to have the AllowPartialTrustedCallers attribute set on it. You can set this attribute at the assembly level.

Warning

Marking an assembly as safe to AllowPartiallyTrustedCallers puts a lot of responsibility for safe implementation on the developers.

Another issue is that the code access security permissions for the bin directory are very low by default; only pure execution is allowed. You almost certainly will have to elevate these permissions to make your assembly run correctly.

There are two ways to elevate permissions:

  • In the web.config file in the Web application root, you will see a tag called <trust level> with an attribute of level="WSS_Minimal". You can change this level to WSS_Medium. This change will raise the net trust level of the bin directory. This option is simpler, but because it generically raises the trust level and thus grants arbitrary new permissions you might not need, it is less secure than the other option, which is to create a new trust policy file.

  • Create a new trust policy file, and point your web.config file at the new file. This option is more complicated, but it gives you a more precise attribution of permissions for your Web Parts.

Prerequisites

Since this sample is only used for demonstration purposes, this procedure raises the trust level of the bin directory. Note that this option is less secure.

Warning

Raising the trust level of the bin directory is a less secure option than creating a new trust policy file and pointing the web.config file at it.

To raise the trust level of the bin directory

  1. Locate the web.config file in your application root and open it for editing.

  2. Locate the trust level tag, <trust level="WSS_Minimal">. Change the trust level to WSS_Medium.

Next Steps

Step 4: Add your Web Part to the Safe Controls List