Monday, 30 June 2008

XBAP applications and Strong Naming.

One of the first things that is hammered into you when start reading up on XBAP applications is that they run with Partial Trust. There are ways to get your XBAP application running with full trust but this is not the typical scenario (and that topic is worth a whole series of blog posts).

When you Strong Name an assembly, by default the assembly will not allow Partially Trusted callers. As the sandbox in which your XBAP applications run is running with Partial Trust, this means that you will get the following error in the browser when you try to run your application

Startup URI: C:\dir\MyApplication.xbapApplication Identity: file:///C:/dir/MyApplication.xbap#MyApplication.xbap, Version=x.x.x.x, Culture=neutral, PublicKeyToken=0000000000000000, processorArchitecture=msil/MyApplication.exe, Version=x.x.x.x, Culture=neutral, PublicKeyToken=0000000000000000, processorArchitecture=msil, type=win32
System.Security.SecurityException: That assembly does not allow partially trusted callers. at System.Security.CodeAccessSecurityEngine.ThrowSecurityException(Assembly asm, PermissionSet granted, PermissionSet refused, RuntimeMethodHandle rmh, SecurityAction action, Object demand, IPermission permThatFailed) at System.AppDomain._nExecuteAssembly(Assembly assembly, String[] args) at System.AppDomain.nExecuteAssembly(Assembly assembly, String[] args) at System.Runtime.Hosting.ManifestRunner.Run(Boolean checkAptModel) at System.Runtime.Hosting.ManifestRunner.ExecuteAsAssembly() at System.Runtime.Hosting.ApplicationActivator.CreateInstance(ActivationContext activationContext, String[] activationCustomData) at System.Runtime.Hosting.ApplicationActivator.CreateInstance(ActivationContext activationContext) at System.Windows.Interop.PresentationApplicationActivator.CreateInstance(ActivationContext actCtx) at System.Activator.CreateInstance(ActivationContext activationContext) at System.AppDomain.InternalRemotelySetupRemoteDomainHelper(Object[] args) at System.Threading.Thread.CompleteCrossContextCallback(InternalCrossContextDelegate ftnToCall, Object[] args) at System.AppDomain.nCreateInstance(String friendlyName, AppDomainSetup setup, Evidence providedSecurityInfo, Evidence creatorsSecurityInfo, IntPtr parentSecurityDescriptor) at System.Runtime.Hosting.ApplicationActivator.CreateInstanceHelper(AppDomainSetup adSetup) at System.Runtime.Hosting.ApplicationActivator.CreateInstance(ActivationContext activationContext, String[] activationCustomData) at System.Windows.Interop.PresentationApplicationActivator.CreateInstance(ActivationContext actCtx) at System.Windows.Interop.ApplicationLauncherXappDebug.Initialize() at System.Windows.Interop.DocObjHost.MS.Internal.AppModel.IBrowserHostServices.Run(String path, String debugSecurityZoneURL, String viewerUri, String fragment, String applicationId, MimeType mime, Object streamContainer, Object ucomLoadIStream, String userAgentString, Boolean isDebugMode, String progressAssemblyName, String progressClassName, String errorAssemblyName, String errorClassName)The action that failed was:LinkDemandThe method that caused the failure was:Void Main()


To prevent this problem, you need to mark your XBAP assembly with the AllowPartiallyTrustedCallersAttribute, for example:

[assembly: AllowPartiallyTrustedCallers]


With this Attribute your XBAP application will now run.

About Me