views:

172

answers:

1

I'm developing a proof of concept web application: A web page with a button that opens the Word Application installed on the user's PC.

I'm stuck with a C# project in Visual Studio 2008 Express (Windows XP client, LAMP server). I've followed the Writing an ActiveX Control in .NET tutorial and after some tuning it worked fine. Then I added my button for opening Word.

The problem is that I can reference the Microsoft.Office.Interop.Word from the project, but I'm not able to access it from the web page. The error says "That assembly does not allow partially trusted callers".

I've read a lot about security in .NET, but I'm totally lost now. Disclaimer: I'm into .NET since 4 days ago.

I've tried to work around this issue but I cannot see the light!! I don't even know if it will ever be possible!

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Drawing;
using System.Data;
using System.Linq;
using System.Text;
using System.Windows.Forms;

using Word = Microsoft.Office.Interop.Word;

using System.IO;
using System.Security.Permissions;

using System.Security;
[assembly: AllowPartiallyTrustedCallers]

namespace OfficeAutomation
{
    public partial class UserControl1 : UserControl
    {
        public UserControl1()
        {
            InitializeComponent();
        }

        private void openWord_Click(object sender, EventArgs e)
        {
            try
            {
                Word.Application Word_App = null;
                Word_App = new Word.Application();
                Word_App.Visible = true;
            }
            catch (Exception exc)
            {
                MessageBox.Show("Can't open Word application (" + exc.ToString() + ")");
            }
        }
    }
}
A: 

The post How to provide extra trust for an Internet Explorer hosted assembly in the .NET Security Blog sheds light on the issue. It's dated 2003 so things could have changed now... I don't know.

But a commenter asked (2006)

Is it possible to execute the .net assembly with all the trust permission without changing anything on the client side? We previously have been using a signed ActiveX in a CAB that was working fine, and try to port it to C#.

And Shawnfa answered

No, it is not currently possible to elevate your permissions on the client side for a control. The closest option is ClickOnce which will allow you to prompt and elevate an application -- although this application will not be hosed in the web page.

Andrea