CAS permissions required to host HealthVault ASP.NET Applications...

  • Article

Using Microsoft.Health.Web.dll in an ASP.NET application requires various permissions and security demands to work properly. Some hosting providers will only allow ASP.NET applications to be hosted in a medium trust environment which doesn’t offer all the required permissions. If this situation occurs you must negotiate with the hosting provider to get the following permissions for your application.

 

· System.Web.AspNetHostingPermission

· System.Security.Permissions.EnvironmentPermission

· System.Security.Permissions.FileIOPermission

· System.Security.Permissions.ReflectionPermission

· System.Security.Permissions.RegistryPermission

· System.Security.Permissions.KeyContainerPermission

· System.Security.Permissions.SecurityPermission

 

In addition, certain features exposed through Microsoft.Health.Web.dll and Microsoft.Health.dll require additional permissions or security demands.

 

Microsoft.Health.dll:

· SerializationFormatter – All .NET API exceptions support serialization using the GetDataObject virtual method which requires a LinkDemand for SerializationFormatter

· Full trust required to call HealthRecordItem.ValidateCertificate() and HealthRecordItem.IsSignatureValid() and will fail in partial trust environments.

 

Microsoft.Health.Web.dll:

· AspNetHostingPermissionLevel.Minimal – LinkDemand and InheritanceDemand required to use HealthRecordItemDataGrid

· AspNetHostingPermissionLevel.Minimal – LinkDemand and InheritanceDemand required to use HealthServicePage