不允许在此安全级别反序列化
are not permitted to be deserialized at this security level
我有一个应用程序可以在除 2 个服务器之外的任何其他地方运行。网络和应用程序。 Web 对 App 服务器使用 .NET Remoting。
我们有 typeFilterLevel= Full,远程处理在 Global.asax 上有效,但在 .aspx 页面上无效。
错误如下。
Raw url: /welcome.aspx
System.Security.SecurityException: Type System.Runtime.Remoting.ObjRef and the types derived from it (such as System.Runtime.Remoting.ObjRef) are not permitted to be deserialized at this security level.
Server stack trace:
at System.Runtime.Serialization.FormatterServices.CheckTypeSecurity(Type t, TypeFilterLevel securityLevel)
at System.Runtime.Serialization.Formatters.Binary.ObjectReader.CheckSecurity(ParseRecord pr)
at System.Runtime.Serialization.Formatters.Binary.ObjectReader.ParseObject(ParseRecord pr)
at System.Runtime.Serialization.Formatters.Binary.__BinaryParser.Run()
at System.Runtime.Serialization.Formatters.Binary.ObjectReader.Deserialize(HeaderHandler handler, __BinaryParser serParser, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage)
at System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Deserialize(Stream serializationStream, HeaderHandler handler, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage)
at System.Runtime.Remoting.Channels.CoreChannel.DeserializeBinaryRequestMessage(String objectUri, Stream inputStream, Boolean bStrictBinding, TypeFilterLevel securityLevel)
at System.Runtime.Remoting.Channels.BinaryServerFormatterSink.ProcessMessage(IServerChannelSinkStack sinkStack, IMessage requestMsg, ITransportHeaders requestHeaders, Stream requestStream, IMessage& responseMsg, ITransportHeaders& responseHeaders, Stream& responseStream)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at System.Runtime.Remoting.Activation.IActivator.Activate(IConstructionCallMessage msg)
at System.Runtime.Remoting.Messaging.ClientContextTerminatorSink.SyncProcessMessage(IMessage reqMsg)
at System.Runtime.Remoting.Activation.ActivationServices.Activate(RemotingProxy remProxy, IConstructionCallMessage ctorMsg)
at System.Runtime.Remoting.Proxies.RemotingProxy.InternalActivate(IConstructionCallMessage ctorMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at OnSIS.Common.Utilities..ctor()
at OnSIS.Web.Welcome..ctor()
at ASP.welcome_aspx..ctor()
at __ASP.FastObjectFactory_app_web_welcome_aspx_cdcab7d2_gkkoykn5.Create_ASP_welcome_aspx()
at System.Web.Compilation.BuildManager.CreateInstanceFromVirtualPath(VirtualPath virtualPath, Type requiredBaseType, HttpContext context, Boolean allowCrossApp)
at System.Web.UI.PageHandlerFactory.GetHandlerHelper(HttpContext context, String requestType, VirtualPath virtualPath, String physicalPath)
at System.Web.HttpApplication.MapHttpHandler(HttpContext context, String requestType, VirtualPath path, String pathTranslated, Boolean useAppConfig)
at System.Web.HttpApplication.MapHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
The Zone of the assembly that failed was:
MyComputer 2017/07/17 09:43:25
同样,这一切在生产服务器和十几个测试服务器中都运行得非常好,完全相同的代码。但是我们的生产支持服务器决定它不想再工作了。我正在寻找要检查的内容,看看 Web 或应用服务器上可能出现的错误会导致上述错误。
远程配置(网络服务器)
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.runtime.remoting>
<application>
<channels>
<channel ref="http" useDefaultCredentials="true" port="0">
<clientProviders>
<formatter ref="binary" typeFilterLevel="Full" />
</clientProviders>
</channel>
</channels>
<client url="http://10.10.10.10/AppServer">
<activated type="MyApp.Common.Utilities,MyApp.Common" />
</client>
</application>
</system.runtime.remoting>
</configuration>
WEBCONFIG(应用服务器)
<?xml version="1.0"?>
<configuration>
<system.runtime.remoting>
<application>
<service>
<activated type="MyApp.Common.Utilities,MyApp.Common"/>
</service>
<channels>
<channel ref="http"/>
<serverProviders>
<formatter ref="binary" typeFilterLevel="Full" />
</serverProviders>
</channels>
</application>
</system.runtime.remoting>
</configuration>
经过 2 周的搜索,我们终于找到了问题所在。我们的运营团队安装了一些我认为是 New Relic 的监控软件。他们没有告诉任何人,也没有跟踪或告诉任何人他们在做什么。我们卸载了软件,备份了环境运行。当您同时对环境进行多项更改时,就会发生这种情况。您忘记了自己的所作所为以及导致环境恶化的原因。
此问题是由 New Relic 监控代理 v6 引起的。具体来说,一个新的 DLL 支持跟踪异步代码(New Relic 的代理以前不支持的东西)。
如果无法卸载代理或恢复到早期版本,则可以删除异步包装器 (C:\Program Files\New Relic.NET Agent\Extensions\NewRelic.Providers.CallStack.AsyncLocal.dll).这将恢复 .NET Remoting 功能,但代价是 New Relic 无法在您的代码中检测异步方法。
我有一个应用程序可以在除 2 个服务器之外的任何其他地方运行。网络和应用程序。 Web 对 App 服务器使用 .NET Remoting。
我们有 typeFilterLevel= Full,远程处理在 Global.asax 上有效,但在 .aspx 页面上无效。
错误如下。
Raw url: /welcome.aspx
System.Security.SecurityException: Type System.Runtime.Remoting.ObjRef and the types derived from it (such as System.Runtime.Remoting.ObjRef) are not permitted to be deserialized at this security level.
Server stack trace:
at System.Runtime.Serialization.FormatterServices.CheckTypeSecurity(Type t, TypeFilterLevel securityLevel)
at System.Runtime.Serialization.Formatters.Binary.ObjectReader.CheckSecurity(ParseRecord pr)
at System.Runtime.Serialization.Formatters.Binary.ObjectReader.ParseObject(ParseRecord pr)
at System.Runtime.Serialization.Formatters.Binary.__BinaryParser.Run()
at System.Runtime.Serialization.Formatters.Binary.ObjectReader.Deserialize(HeaderHandler handler, __BinaryParser serParser, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage)
at System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Deserialize(Stream serializationStream, HeaderHandler handler, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage)
at System.Runtime.Remoting.Channels.CoreChannel.DeserializeBinaryRequestMessage(String objectUri, Stream inputStream, Boolean bStrictBinding, TypeFilterLevel securityLevel)
at System.Runtime.Remoting.Channels.BinaryServerFormatterSink.ProcessMessage(IServerChannelSinkStack sinkStack, IMessage requestMsg, ITransportHeaders requestHeaders, Stream requestStream, IMessage& responseMsg, ITransportHeaders& responseHeaders, Stream& responseStream)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at System.Runtime.Remoting.Activation.IActivator.Activate(IConstructionCallMessage msg)
at System.Runtime.Remoting.Messaging.ClientContextTerminatorSink.SyncProcessMessage(IMessage reqMsg)
at System.Runtime.Remoting.Activation.ActivationServices.Activate(RemotingProxy remProxy, IConstructionCallMessage ctorMsg)
at System.Runtime.Remoting.Proxies.RemotingProxy.InternalActivate(IConstructionCallMessage ctorMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at OnSIS.Common.Utilities..ctor()
at OnSIS.Web.Welcome..ctor()
at ASP.welcome_aspx..ctor()
at __ASP.FastObjectFactory_app_web_welcome_aspx_cdcab7d2_gkkoykn5.Create_ASP_welcome_aspx()
at System.Web.Compilation.BuildManager.CreateInstanceFromVirtualPath(VirtualPath virtualPath, Type requiredBaseType, HttpContext context, Boolean allowCrossApp)
at System.Web.UI.PageHandlerFactory.GetHandlerHelper(HttpContext context, String requestType, VirtualPath virtualPath, String physicalPath)
at System.Web.HttpApplication.MapHttpHandler(HttpContext context, String requestType, VirtualPath path, String pathTranslated, Boolean useAppConfig)
at System.Web.HttpApplication.MapHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
The Zone of the assembly that failed was:
MyComputer 2017/07/17 09:43:25
同样,这一切在生产服务器和十几个测试服务器中都运行得非常好,完全相同的代码。但是我们的生产支持服务器决定它不想再工作了。我正在寻找要检查的内容,看看 Web 或应用服务器上可能出现的错误会导致上述错误。
远程配置(网络服务器)
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.runtime.remoting>
<application>
<channels>
<channel ref="http" useDefaultCredentials="true" port="0">
<clientProviders>
<formatter ref="binary" typeFilterLevel="Full" />
</clientProviders>
</channel>
</channels>
<client url="http://10.10.10.10/AppServer">
<activated type="MyApp.Common.Utilities,MyApp.Common" />
</client>
</application>
</system.runtime.remoting>
</configuration>
WEBCONFIG(应用服务器)
<?xml version="1.0"?>
<configuration>
<system.runtime.remoting>
<application>
<service>
<activated type="MyApp.Common.Utilities,MyApp.Common"/>
</service>
<channels>
<channel ref="http"/>
<serverProviders>
<formatter ref="binary" typeFilterLevel="Full" />
</serverProviders>
</channels>
</application>
</system.runtime.remoting>
</configuration>
经过 2 周的搜索,我们终于找到了问题所在。我们的运营团队安装了一些我认为是 New Relic 的监控软件。他们没有告诉任何人,也没有跟踪或告诉任何人他们在做什么。我们卸载了软件,备份了环境运行。当您同时对环境进行多项更改时,就会发生这种情况。您忘记了自己的所作所为以及导致环境恶化的原因。
此问题是由 New Relic 监控代理 v6 引起的。具体来说,一个新的 DLL 支持跟踪异步代码(New Relic 的代理以前不支持的东西)。
如果无法卸载代理或恢复到早期版本,则可以删除异步包装器 (C:\Program Files\New Relic.NET Agent\Extensions\NewRelic.Providers.CallStack.AsyncLocal.dll).这将恢复 .NET Remoting 功能,但代价是 New Relic 无法在您的代码中检测异步方法。