views:

329

answers:

2

I have a windows web 2008 x64 installation running.

Due to the requirement for the application having the ability to import Excel files, I have had to change the web application to run in 32bit mode. The MSAccess/Excel libraries are not available in x64.

I have also had to elavate the application to run in trust=Full. Previously it was under level=medium.

Is there a good workaround to this issue. I want to bring the trust level down and not have to compromise the app to 32bit just because one screen requires excel import (usage of this screen is not frequent as well)

Is it possible to set a particular folder/page to use 32 bit in the application, and the rest as x64. I don't believe you can. And same for trust level. Is the trust level application specific or can i sent it in a nested folder?

+3  A: 

Within the same process you can never have mixed 32bit and 64bit. You could perhaps write a second application that does the Excel stuff for you and then compile it into a 32bit executable. You could then call (execute the file with some parameters) that executable from your web-application (will still require full trust, but it could run 64bit then).

Edit: You don't need full-trust neccessarily. You could also create a custom trust-level. But the point is that it won't run in standard web trustlevel remains.

Foxfire
+1  A: 

As FoxFire correctly points out, you can't mix 32bit and 64bit code in the same process.

Any ASP.NET application that needs to interact with Office will require elevated trust levels.

There is a way around this by using a technique known as 'sandboxing'.

What you do is write a wrapper assembly which does just the work you require done with Excel. Mark the assembly with the [assembly: AllowPartiallyTrustedCallers] attribute, sign it and then deploy into the GAC.

Any classes in this assembly that are required to talk to the Office Interop components should be attributed with [PermissionSet(SecurityAction.Assert, Unrestricted=true)] or whatever demand is required.

This will allow you to lower the trust level on your server but still use the Office components.

This is based on the assumption that you have administrative access to the server to be able to drop the 'trusted' sandbox assembly into the GAC.

Kev