不允许在此安全级别反序列化

are not permitted to be deserialized at this security level

我有一个应用程序可以在除 2 个服务器之外的任何其他地方运行。网络和应用程序。 Web 对 App 服务器使用 .NET Remoting。

我们有 typeFilterLevel= Full,远程处理在 Global.asax 上有效,但在 .aspx 页面上无效。

错误如下。

Raw url: /welcome.aspx
System.Security.SecurityException: Type System.Runtime.Remoting.ObjRef and the types derived from it (such as System.Runtime.Remoting.ObjRef) are not permitted to be deserialized at this security level.

Server stack trace: 
   at System.Runtime.Serialization.FormatterServices.CheckTypeSecurity(Type t, TypeFilterLevel securityLevel)
   at System.Runtime.Serialization.Formatters.Binary.ObjectReader.CheckSecurity(ParseRecord pr)
   at System.Runtime.Serialization.Formatters.Binary.ObjectReader.ParseObject(ParseRecord pr)
   at System.Runtime.Serialization.Formatters.Binary.__BinaryParser.Run()
   at System.Runtime.Serialization.Formatters.Binary.ObjectReader.Deserialize(HeaderHandler handler, __BinaryParser serParser, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage)
   at System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Deserialize(Stream serializationStream, HeaderHandler handler, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage)
   at System.Runtime.Remoting.Channels.CoreChannel.DeserializeBinaryRequestMessage(String objectUri, Stream inputStream, Boolean bStrictBinding, TypeFilterLevel securityLevel)
   at System.Runtime.Remoting.Channels.BinaryServerFormatterSink.ProcessMessage(IServerChannelSinkStack sinkStack, IMessage requestMsg, ITransportHeaders requestHeaders, Stream requestStream, IMessage& responseMsg, ITransportHeaders& responseHeaders, Stream& responseStream)

Exception rethrown at [0]: 
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at System.Runtime.Remoting.Activation.IActivator.Activate(IConstructionCallMessage msg)
   at System.Runtime.Remoting.Messaging.ClientContextTerminatorSink.SyncProcessMessage(IMessage reqMsg)
   at System.Runtime.Remoting.Activation.ActivationServices.Activate(RemotingProxy remProxy, IConstructionCallMessage ctorMsg)
   at System.Runtime.Remoting.Proxies.RemotingProxy.InternalActivate(IConstructionCallMessage ctorMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at OnSIS.Common.Utilities..ctor()
   at OnSIS.Web.Welcome..ctor()
   at ASP.welcome_aspx..ctor()
   at __ASP.FastObjectFactory_app_web_welcome_aspx_cdcab7d2_gkkoykn5.Create_ASP_welcome_aspx()
   at System.Web.Compilation.BuildManager.CreateInstanceFromVirtualPath(VirtualPath virtualPath, Type requiredBaseType, HttpContext context, Boolean allowCrossApp)
   at System.Web.UI.PageHandlerFactory.GetHandlerHelper(HttpContext context, String requestType, VirtualPath virtualPath, String physicalPath)
   at System.Web.HttpApplication.MapHttpHandler(HttpContext context, String requestType, VirtualPath path, String pathTranslated, Boolean useAppConfig)
   at System.Web.HttpApplication.MapHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
The Zone of the assembly that failed was:
MyComputer 2017/07/17 09:43:25

同样,这一切在生产服务器和十几个测试服务器中都运行得非常好,完全相同的代码。但是我们的生产支持服务器决定它不想再工作了。我正在寻找要检查的内容,看看 Web 或应用服务器上可能出现的错误会导致上述错误。

远程配置(网络服务器)

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.runtime.remoting>
    <application>
      <channels>
        <channel ref="http" useDefaultCredentials="true" port="0">
          <clientProviders>
            <formatter ref="binary" typeFilterLevel="Full" />
          </clientProviders>
        </channel>
      </channels>
      <client url="http://10.10.10.10/AppServer">
        <activated type="MyApp.Common.Utilities,MyApp.Common" />
      </client>
    </application>
  </system.runtime.remoting>
</configuration>

WEBCONFIG(应用服务器)

<?xml version="1.0"?>
<configuration>
<system.runtime.remoting>
    <application>
      <service>
         <activated type="MyApp.Common.Utilities,MyApp.Common"/>      
      </service>
      <channels>
        <channel ref="http"/>
        <serverProviders>
          <formatter ref="binary" typeFilterLevel="Full" />
        </serverProviders>
      </channels>
    </application>
</system.runtime.remoting>
</configuration>

经过 2 周的搜索,我们终于找到了问题所在。我们的运营团队安装了一些我认为是 New Relic 的监控软件。他们没有告诉任何人,也没有跟踪或告诉任何人他们在做什么。我们卸载了软件,备份了环境运行。当您同时对环境进行多项更改时,就会发生这种情况。您忘记了自己的所作所为以及导致环境恶化的原因。

此问题是由 New Relic 监控代理 v6 引起的。具体来说,一个新的 DLL 支持跟踪异步代码(New Relic 的代理以前不支持的东西)。

如果无法卸载代理或恢复到早期版本,则可以删除异步包装器 (C:\Program Files\New Relic.NET Agent\Extensions\NewRelic.Providers.CallStack.AsyncLocal.dll).这将恢复 .NET Remoting 功能,但代价是 New Relic 无法在您的代码中检测异步方法。