Aspose.Pdf and Medium trust

Aspose.PDF Product Family
21

Hi,<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />

Sorry for a delayed response.

The issue has been resolved and will be released in our upcoming monthly release of Aspose.Pdf for .NET v6.7 (schedule to be released in February 2012). You will be notified via this forum thread once the new version if available for download.

Sorry for the inconvenience,

22

I have not received any email saying this is released, so could you verify that this is fixed in the current release? It has been a long 2 and 1/2 years waiting for this (over a year after I gave you source code on how to work around the trust issues) and I would LOVE to hear it is releases and ready for use…

23

Hi Robert,


Thanks for your patience.

I am afraid due to some technical difficulties, the issue related to using Aspose.Pdf for .NET in medium trust environment is not yet resolved. However I have again intimated the development team to share any possible ETA regarding its resolution.

We are really sorry for this inconvenience.
24

It is just shy of the one year mark since the last update was posted. Per chance, has this issue been resolved? I would really love nothing more than to find a HTML to PDF component that runs under Medium Trust. Please let me know if your component is working correctly in Medium Trust and if it is not, can you give an ETA?

Best Regards,
Robert J Collins
Founder & President,
Netlogic Corporation

25

Hi Robert,


We are sorry for the inconvenience caused. The reported issue of medium trust is fixed, please download and try latest Aspose.Pdf for .NET API for the purpose. Please feel free to contact us for any further assistance.

Best Regards,

26

The issues you have found earlier (filed as PDFNEWNET-32124) have been fixed in Aspose.Pdf for .NET 9.3.0.

Blog post for this release can be viewed over this link

This message was posted using Notification2Forum from Downloads module by Aspose Notifier.
(8)
27

Hi Robert,


Thanks for your patience.

We have further investigated the issue PDFNEWNET-32124 reported earlier and it seems to be fixed in latest release of Aspose.Pdf for .NET 9.4.0. We have been able to successfully run the code with “Medium” trust level.

[C#]

Aspose.Pdf.Generator.Pdf pdf1 = new Aspose.Pdf.Generator.Pdf();<o:p></o:p>

//Add a section into the pdf document

Aspose.Pdf.Generator.Section sec1 = pdf1.Sections.Add();

//Add a text paragraph into the section

sec1.Paragraphs.Add(new Aspose.Pdf.Generator.Text("Hello World"));

//Save the document

pdf1.Save("HelloWorld.pdf", SaveType.OpenInAcrobat, Response);

28

I have the same issue. I has posted to the forum and was told that Aspose.PDF requires Full trust to work, but you’re saying it will work in Medium trust. See the post here.



I’ve updated to the latest version of Aspose.PDF ver 10.6.0. I’m using .Net Framework 4.5.1. When I save the PDF using medium trust, I get the following error:

Server Error in ‘/’ Application.

Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application’s trust level in the configuration file.

Exception Details: System.Security.SecurityException: That assembly does not allow partially trusted callers.

Source Error:

Line 98: m_PdfDocument.Save(“RiskDetailedReport.pdf”, SaveType.OpenInBrowser, this.Response);
Line 99: m_PdfDocument.Close();
Line 100: }

If I change the setting the Full Trust, it works just fine.
Here’s an exert of the code since I can’t post the entire code and don’t have time to generate a sample project that does the same thing.
Pdf m_PdfDocument = new Pdf();
m_PdfDocument.IsPageNumberForDocument = false;
m_PdfDocument.DestinationType = DestinationType.FitPage;

foreach (RiskItem MyRisk in MyRisks)
{
DoRiskItem(MyRisk, MyPortal, m_PdfDocument);
}

HttpContext.Current.Response.ClearContent();
HttpContext.Current.Response.ClearHeaders();
HttpContext.Current.Response.ContentType = “application/pdf”;

m_PdfDocument.Save(“RiskDetailedReport.pdf”, SaveType.OpenInBrowser, this.Response);
m_PdfDocument.Close();

29

Hi Tan,


Thanks for contacting support.

Please notice the reply from my fellow worker in 646485 post. Should you have any further query, please feel free to contact.
30

I understand your fellow response to my question, but your response contradict that since you stated that in 9.4, the PDF can be run in Medium trust.

31

Hi Tan,


Tilal’s shared the feedback from general perspective and in order to have optimal results, Aspose.Pdf for .NET should be used in Full Trust permission. Nevertheless, starting v9.4.0, we have introduced the support for Medium trust but we are not entirely certain about all the possible scenarios of medium trust where API should work. Please try using our API and in case you encounter any issue, please feel free to contact.
32

Is it possible to setup Aspose dll in Full Trust in the web config while still have the rest of the site in Medium trust?

33

Hi Tan,


I am in coordination with our product team for above stated requirement and will get back to you soon.
34

Has there been any progress with this?


I have tried the following to get the Aspose.PDF to work while keeping the web application in Medium Trust.

I’ve modify the web.config at the “Microsoft.NET\Framework\v4.0.30319\Config” and the web application to include
<add
assemblyName=“Aspose.Pdf”
version=“10.6.0.0”
publicKey=“[deleted]”
/>
<add
assemblyName=“Aspose.Cells”
version=“8.5.1.0”
publicKey=“[deleted]”
/>

I have tried using a custom medium trust configuration with the following lines added:
<IPermission
class=“Aspose.Pdf.Generator.Pdf”
version=“1”
Unrestricted=“true”
Name=“FullTrust”
Description=“Allow full access to Aspose PDF Generator”
/>
and pointing my app web.config to use the custom trust level:

I don’t understand why version 9.6 works under medium trust but was changed in the latest to not work.

35

Hi Tan,


Thanks for sharing the details and sorry for the delayed response.

I have logged the above stated issue as PDFNEWNET-39261 in our issue tracking system. The product team will further look into the details of this matter and will keep you posted with our findings. We are sorry for this inconvenience.
36

I have a similar issue in Aspose.Cells that I posted here, I believe the fix is the same for both solution.



37

Hi Tan,


Thanks for sharing the information. However during our investigation from product team, it appears that Microsoft is not going to solve the Medium trust related issues for ASP.NET and they are going to marks all such issues as Won’t Fix as they are removing Medium Trust support from their framework. For further details, please visit this link.

So as per above description/explanation, the recently reported issue does not seem to be a problem in our API but it appears to be a restriction in recent version of .NET Framework.


Nevertheless, I have shared the link details which you have mentioned with product team and have intimated them to further look into this matter from this perspective.

38
Hi Tan

Our deployment of Aspose.PDF for .NET requires it to be run on medium trust. If we use the latest standard version, does that mean we should have no problems with medium trust? Or do we need to request a custom DLL to work around the issue?

Thanks
39

PhilMIntertec:
Hi Tan

Our deployment of Aspose.PDF for .NET requires it to be run on medium trust. If we use the latest standard version, does that mean we should have no problems with medium trust? Or do we need to request a custom DLL to work around the issue?

Thanks
Hi Phil,

Thanks for contacting support.

As shared earlier, the API may work under Medium trust environment however concerning to using the latest release, we are further looking into the details of this requirement and will keep you posted with our findings. We are sorry for this delay and inconvenience.
40

PhilMIntertec:
Our deployment of Aspose.PDF for .NET requires it to be run on medium trust. If we use the latest standard version, does that mean we should have no problems with medium trust? Or do we need to request a custom DLL to work around the issue?
Hi Phil,

Thanks for your patience.

I have further discussed the scenario with product team and following our observations. The Medium trust was added to our product 2 years ago for .net 2.0. However Microsoft implemented other security systems starting from .net 4.0 and medium trust was marked as deprecated.

The official position of the ASP.NET team is that Medium Trust is obsolete, so it means following actions were taken:

We are automatically marked all Medium Trust-related bugs reported to us as “won’t fix”.
We have provided guidance that everyone needs to migrate away from Medium Trust and use proper OS-level isolation instead (ASP.NET Partial Trust does not guarantee application isolation - Microsoft Support).
We are removing Medium Trust support from the frameworks we developed (MVC, WebAPI, SignalR, and so on) and going forward, applications built on these frameworks will require Full Trust.
In current context, the term “Medium Trust” above refers to all non-Full Trust configurations in ASP.NET, including use of the built-in trust levels (Minimal, Low, Medium, High) or any custom trust levels.

Later on in May 2015, the .NET Framework as a whole was deprecated for partial trust and customers were advised not to rely on it as a security boundary. From MSDN:
Code Access Security in .NET Framework should not be used as a security boundary with partially trusted code, especially code of unknown origin. We advise against loading and executing code of unknown origins without putting alternative security measures in place.

Therefore, it is not recommended to use medium trust. We support medium trust for .net 2.0 but we recommend to get rid of it and use assemblies under .net v. 4.0 and higher. In case you get errors in .net 4.0, we need your code snippet in order to investigate the code and fix the issues.

Should you have any further query, please feel free to contact.