"Inheritance security rules violated while overriding member" error

"Inheritance security rules violated while overriding member" error

Old forum URL: forums.lhotka.net/forums/t/9914.aspx


matt tag posted on Tuesday, January 04, 2011

Attempting to create a CSLA library with a WPF 4.0 front end.  Every call to DataPortal.Fetch is coming up with the following exception.  Any ideas?

"Inheritance security rules violated while overriding member: 'Csla.Server.DataPortalException.GetObjectData(System.Runtime.Serialization.SerializationInfo, System.Runtime.Serialization.StreamingContext)'.
Security accessibility of the overriding method must match the security accessibility of the method being overriden."

RockfordLhotka replied on Tuesday, January 04, 2011

That seems very odd, I've never seen that exception before (ever).

It seems like that sort of scoping issue would be caught by the compiler, not at runtime. What is the actual exception I wonder? A JIT compiler exception maybe?

I just created a test to ensure the DataPortalException type properly serializes and deserializes and it works fine.

matt tag replied on Tuesday, January 04, 2011

problem solved (for now) - I had to check "This is a Full Trust Application" on the Security tab of the project.  (this is an xbap application).

 

thanks

 

RockfordLhotka replied on Tuesday, January 04, 2011

Ahh, sure! The BinaryFormatter and NetDataContractSerializer (the serializers used by .NET to clone objects) require FullTrust.

There was a thread shortly before the holidays where someone was asking about a version of CSLA .NET that would run in medium trust (like on a hosted web server where you often can't get full trust). I discussed some of my thoughts on what it might take to get the core CSLA 4 Csla.dll to work in medium trust - and it might actually be possible.

The first step is to allow CSLA to use the MobileFormatter for pure .NET applications - thus avoiding the BF and NDCS and their FullTrust requirement...

arnaud897 replied on Sunday, January 08, 2012

In .NET 4.0, ISerializable.GetObjectData(...) is now attributed [SecurityCritical], which is a breaking change from previous .NET versions, and causes the following exception when a DataPortalException is being instanciated in partial trust:

"Inheritance security rules violated while overriding member: 'Csla.Server.DataPortalException.GetObjectData(System.Runtime.Serialization.SerializationInfo, System.Runtime.Serialization.StreamingContext)'.
Security accessibility of the overriding method must match the security accessibility of the method being overriden."

As an alternative, the ISafeSerializationData interface could be used (http://msdn.microsoft.com/en-us/library/system.runtime.serialization.isafeserializationdata.aspx).

Partial trust is not a must, it's an obligation for many hosted environments. .NET 4 rewrite of CAS should be an opportunity for CSLA to permit partial trust.

RockfordLhotka replied on Sunday, January 08, 2012

Although I don't disagree about someday supporting partial trust, I fail to see the issue at present. CSLA has never worked in partial trust, so this new change to GetObjectData seems immaterial. Am I missing something?

The Silverlight version of CSLA works in partial trust - SL is basically only partial trust :)

The primary blocker is the use of the .NET serializers. In 4.3 or 4.5 (I'm not sure which), we will enable the use of MobileFormatter in .NET apps. That should allow core CSLA functionality to work in partial trust.

It is an absolute requirement for 4.5, where we need to support WinRT - and like SL, that runtime doesn't have or allow BinaryFormatter or NDCS.

Copyright (c) Marimer LLC