EagleWizard

In the add-in itself I use reflection.
An other programmer can give me a DLL file with actions (functions) and with the class, namespace and the path of the DLL
I can use these functions in my add-in.

I tested everything in a windows application and it worked perfect.
After that I tried to use the same code in my Word add-in but I got a Security error.
Here is the code where I had the problem:

Code Snippet

Assembly assem = Assembly.LoadFile(this.FilePath);
if (assem == null) return; //compilatie liep wellicht verkeerd
System.Type T = assem.GetType(this.Namespace + "." + this.Class);

object o = System.Activator.CreateInstance(T);
T.InvokeMember(this.Method, System.Reflection.BindingFlags.InvokeMethod, null, o, new object[] { (object)dicArgs, (object)sConfig });


The program gave a securityerror on the InvokeMember method.
Probably I have to register the used dll somewhere in the .NET Framework 2.0.

Can anybody help me fix this



Re: Visual Studio Tools for Office Security problem Word 2007 add-in

Maarten van Stam

Are you doing this from within a VSTO addin

Please remember that this forum is really meant for discussions around the Visual Studio Tools For Office technology. General Office interop questions should be handled in the Office automation newsgroup which can be found here:

http://msdn.microsoft.com/newsgroups/default.aspx dg=microsoft.public.officedev

-= Maarten =-






Re: Visual Studio Tools for Office Security problem Word 2007 add-in

EagleWizard

Yes I am using VSTO2005SE and Office 2007

The functions are listed in a listbox that I put in an Actionpane.

First you have to select the function and press a button to start it.






Re: Visual Studio Tools for Office Security problem Word 2007 add-in

Maarten van Stam

Ah, so what I understand is that you try to invoke functions in this external library (dll) that you select at runtime from a list that you added to ActionPane.

What is the security message you get (text, screendump )

-= Maarten =-






Re: Visual Studio Tools for Office Security problem Word 2007 add-in

EagleWizard

Maarten van Stam wrote:

Ah, so what I understand is that you try to invoke functions in this external library (dll) that you select at runtime from a list that you added to ActionPane.

Exactly

InnerException {"De aanvraag voor machtiging van type System.Security.Permissions.UIPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 is mislukt."} System.Exception {System.Security.SecurityException}

StackTrace " bij System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)\r\n bij System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[] arguments, Signature sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)\r\n bij System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)\r\n bij System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)\r\n bij System.RuntimeType.InvokeMember(String name, BindingFlags bindingFlags, Binder binder, Object target, Object[] providedArgs, ParameterModifier[] modifiers, CultureInfo culture, String[] namedParams)\r\n bij System.Type.InvokeMember(String name, BindingFlags invokeAttr, Binder binder, Object target, Object[] args)\r\n bij ContentHandler.Data.clsActionFromDLL.PerformAction(Dictionary`2 dicArgs) in D:\\School\\Stage\\ContentHandler\\ContentHandler.Data\\clsActionFromDLL.cs:regel 69" string

The error messages are in dutch, but I hope it will tell you enough about the problem






Re: Visual Studio Tools for Office Security problem Word 2007 add-in

Misha Shneerson - MSFT

VSTO has much tighter security system than WinForms applications. E.g., by default, WinForms apps would give FullTrust permissions to the assemblies that are installed on the machine i.e. belong to 'My Computer' zone.

VSTO has a security system which ignores all zone-based trust decisions. Hence, you will need to find another way to trust your assemlby. Notice though, that when you reference an assembly from your project and compile it - VSTO IDE will modify CAS policy on your machine to allow the referenced assembly to run. No such luck when you consume assembly through reflection. In this case you need to modify CAS policy on your machine to explicitly grant trust to the assembly using such evidences as URL or strong name.

E.g. for URL based policy you could run a command like this:

caspol -u -ag 1 -url <assemblypath> FullTrust

For more information about VSTO security I would advise to grab Eric&Eric book and read the security chapter.






Re: Visual Studio Tools for Office Security problem Word 2007 add-in

EagleWizard

Works like a charm, thanks!