Results 1 to 5 of 5

Thread: [2005] Execute Server Process "Request Failed"

  1. #1

    Thread Starter
    Lively Member
    Join Date
    Mar 2006
    Posts
    65

    [2005] Execute Server Process "Request Failed"

    Hi PPL,

    ASP.Net 2.0, IIS 5.0 on W2K Server SP4

    I am attempting to execute a process on the server via an ASP.Net page but am receiving the following error:
    Code:
    System.Security.SecurityException: Request failed.
       at System.Security.CodeAccessSecurityEngine.ThrowSecurityException(Assembly asm, PermissionSet granted, PermissionSet refused, RuntimeMethodHandle rmh, SecurityAction action, Object demand, IPermission permThatFailed)
       at System.Security.CodeAccessSecurityEngine.ThrowSecurityException(Object assemblyOrString, PermissionSet granted, PermissionSet refused, RuntimeMethodHandle rmh, SecurityAction action, Object demand, IPermission permThatFailed)
       at System.Security.CodeAccessSecurityEngine.CheckSetHelper(PermissionSet grants, PermissionSet refused, PermissionSet demands, RuntimeMethodHandle rmh, Object assemblyOrString, SecurityAction action, Boolean throwException)
       at System.Security.CodeAccessSecurityEngine.CheckSetHelper(CompressedStack cs, PermissionSet grants, PermissionSet refused, PermissionSet demands, RuntimeMethodHandle rmh, Assembly asm, SecurityAction action)
       at DBAdmin.ExecuteProcess(String sCommandArgs, Boolean bShowOutput)
       at DBAdmin.btnFSL_Click(Object sender, EventArgs e) in c:\inetpub\wwwroot\integra\admin\dbAdmin.aspx.vb:line 47
       at System.Web.UI.WebControls.Button.OnClick(EventArgs e)
       at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
       at System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument)
       at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
       at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData)
       at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
       at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
       at System.Web.UI.Page.ProcessRequest()
       at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context)
       at System.Web.UI.Page.ProcessRequest(HttpContext context)
       at ASP.admin_dbadmin_aspx.ProcessRequest(HttpContext context)
       at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
       at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
    The action that failed was:
    LinkDemand
    The type of the first permission that failed was:
    System.Security.PermissionSet
    The Zone of the assembly that failed was:
    MyComputer
    Web.config has the following 3 settings:
    Code:
    <identity impersonate="true" />
    <anonymousIdentification enabled="true"/>
    <trust level="High"/>
    I am using an System.Diagnostics.Process instance. Both the IUSR and ASPNET accounts have execute privileges on the executable file. When I step through in code the function does not seem to be called. When I try to 'step into' the function the error is produced before I actually get into the function - its like its not even called.

    I added the following attribute to my ExecuteProcess routine:
    Code:
    <System.Security.Permissions.PermissionSet(System.Security.Permissions.SecurityAction.LinkDemand, Name:="FullTrust")> _
    No success...

    Obviously this is a security permissions problem. How do I fix it?

    Thanks everyone,
    Matt.

  2. #2
    I wonder how many charact
    Join Date
    Feb 2001
    Location
    Savage, MN, USA
    Posts
    3,704

    Re: [2005] Execute Server Process "Request Failed"

    Are you using Forms or Windows authentication, and.. is the executable located locally or on a network share? Is the executable to be called managed code (unmanaged code has no built-in code access security therefore may be uncallable via High trust level - only Full trust).

    This MSDN page seems to have some explanations for your case. It also details how to impersonate only at the method level, so you don't need to impersonate the logon account for the entire web application:

    http://msdn2.microsoft.com/en-us/library/ms998351.aspx
    Last edited by nemaroller; Sep 11th, 2007 at 06:13 AM.

  3. #3

    Thread Starter
    Lively Member
    Join Date
    Mar 2006
    Posts
    65

    Re: [2005] Execute Server Process "Request Failed"

    Hey Rolla,

    Thanks for your reply!

    I am using Forms Authentication, the executable is a VB.Net 2.0 app (i.e managed) and it located in a sub folder of the web application.

    The stack trace from the error states that my 'ExecuteProcess' routine is being called but when stepping through in the debugger it never actually gets there, the error is thrown on the function call???

    I will investigate the link you have posted.

    Matt.

  4. #4

    Thread Starter
    Lively Member
    Join Date
    Mar 2006
    Posts
    65

    Re: [2005] Execute Server Process "Request Failed"

    Changed TrustLevel to 'Full' in web.config and all is sweet.

    Dunno about security repercussions....

    Matt.

  5. #5
    I wonder how many charact
    Join Date
    Feb 2001
    Location
    Savage, MN, USA
    Posts
    3,704

    Re: [2005] Execute Server Process "Request Failed"

    I'm guessing this a public facing web site located on a demilitarized web server (since you're using Forms Authentication and not Integrated Windows authentication.)

    Therefore, giving your web application full trust is not a good idea at all. I think you're problem is you have <anonymousIdentification="true"> in your web config. Remove that line, remove the full trust line. Make sure the web site is set up for Anonymous identification in the web site properties in IIS. Additionally, I don't know why you have <identity impersonate=true>.. if you don't really know why either - you should remove it. If its because your domain has a specific account for which this web application uses - then keep the <identity impersonate = true> in your web.config, and you will need to modify the below advice for the impersonated account (not the ASPNET worker process)

    Now, while your web site might allow an anonymous user access to the virtual folder where the file exists - NTFS will not. You need to right-click on that file in Windows Explorer, click the security tab and give read, write, and execute permissions explicitly to the ASPNET worker process (or the name of the impersonated account.)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width