I have .Net framework 4.0. It doesn't provide the Configuration tool as earlier versions did.
With framework 4.0, how do we see the permissions given to an assembly?
Short answer is that "You don't see them anymore".
.NET Framework 4 introduced many changes to the .NET application's security model. Here are two good introductions on the subject:
Exploring the .NET Framework 4 Security Model
Security Changes in the .NET Framework 4
One of the biggest changes is that the machine-wide policy control has been disabled by default and all the managed code runs as fully trusted by default. Microsoft recommends that instead of using a machine-wide CAS policy, one should look for solutions like Windows Software Restriction Policies. From now on, assemblies' security level should be controller by the host (your application). If one still wants to use the old CAS policy, the following configuration switch provides a legacy security model:
<configuration>
<runtime>
<!-- enables legacy CAS policy for this process -->
<NetFx40_LegacySecurityPolicy enabled="true" />
</runtime>
</configuration>
So, you don't have to worry about the machine-level assembly permissions anymore when running a .NET Framework 4 software. You use your own application (the host) to control the permissions.
Related
I like to know what is the difference between ISAM Federation vs IBM Tivoli Federated Identity Manager (TFIM)?
Does ISAM Federation supports SAML 2.0 or for that I need TFIM?
ISAM starting at version 9.0 has an additional module "Federation" activated by separate license.
Technically it is embedded instance of TFIM component (that previously needed to be deployed on external server) so most of external TFIM functionalities are working in ISAM's embedded Federation Module.
So answering your question, yes, Embedded Federation Module does support SAML2 and OpenID.
You should choose the ISAM+Federated Module for SAML2 unless you will be doing some extremely complicated scenarios like clustering or would ever need altering configuration by response files (which might be limited in ISAM appliance).
So we have developed an application that uses the .net 4.0 full(extended) libraries. Our workstations only have .Net 4.0 client on them. Our applications and infrastructure teams are wary about having us deploy .Net 4.0 full to all the workstations and wants to take some time to discuss and test.
Is there some way to deploy the extra .Net Extended dlls with our application so we can go around this?
No, you cannot supplement with just the dlls. All you can do is update to the full profile or find the features in your app that require the full profile and re-write them to avoid that requirement.
There's actually not that much difference between the two profiles. See the answers to this question for a more complete explanation:
Client Profile vs Full
That means that you may have an easier time than you think either re-writing the app to avoid the features, or convincing your staff to update the profile deployed to the workstations. It's likely just some advanced WCF features or a type provided with ASP.Net (like HttpUtility) that you're missing.
We are considering to change our present .net2 on IIS6 server to .net4 (or 4.5). Can someone help us with some basics about this?
After we install .net4 to our production IIS. Is every .net site defaulting to .net4?
we have had some dificulties with 64-bit version so we have forced IIS6 to run in 32-bit mode. Does update do something to this? After installing .net4, how can we force specific application pool to operate on .net2 mode and on 32.bit mode?
What problems there might come out on transforming .net2 sites directly to .net 4 sites? Or is there any?
It's been a while since I've last used .NET, but here's my general suggestion.
First, Migrate to .NET 4! .NET 4 offers better security and new features. Consider that as your first option.
Second, in my experience, if you have multiple versions of framework installed on the server, you should be able to choose which version to operate that site.
Lastly, I'm not sure about 32/64 bit thing, but my suggestion is to simply fix it! Applications, especially heavy-load applications can operate better in 64-bit mode.
Make you application as future-proof as possible!
As for what problems you might run into, I really depends on what kind of APIs you're using, chances are, they will be a few deprecated methods, properties. Also, look at some new features, there might be new APIs worth trying, try that at a development server, it might increase overall user experience and even application performance.
Good luck!
Is every .net site defaulting to .net4?
When you add some website to IIS, it is assigned "DefaultAppPool" by default. So, it depends on what version of .NET framework set for your "DefaultAppPool". You can change application pool to target specific .NET framework.
After installing .net4, how can we force specific application pool to operate on .net2 mode
You can define more than one Application Pools in IIS targeting different .NET frameworks and then assign different Application Pools to different websites.
What problems there might come out on transforming .net2 sites directly to .net 4 sites? Or is there any?
I think it usually depends on your website; the libraries referenced, the patterns used, etc. No one can give you clear answer of it.
How can you detect whether a PC has the .Net 4 Full Profile installed, as opposed to the .Net 4 Client Profile?
Here are the registry keys. Also if your application is targeting the full .NET 4.0 profile and this profile is not installed you will probably not go as far as checking the registry keys because your application won't run at all. So this check is better to be done when deploying the application on the client machine as part of the setup and deployment project. You could use a launch condition:
Simple question -> for dedicated website hosting, do i need to download and install the full ASP.NET 4.0 package, or just the client.
I understand the client is required for end users who need the .NET framework for their windows form applications.
But i'm not sure for a web hosting sceanrio.
Also, don't worry about talking about x86 or x64 - i understand the differences with the packages, etc.
The ASP.Net runtime is only included with the Full installation.
(This is one of the biggest savings of the client profile; ASP.Net is large)
Yes you would need the full. The client profile specifically excludes ASP.NET.