NHibernate, Castle IOC and MVC.NET 2 running in medium trust on shared hosting
Saturday, November 28th, 2009This has caused me a lot of pain today so I thought that I would share my findings!
If you intend to publish your site to shared hosting and they are restricting you to a Medium trust security policy (which is expected really on shared hosting) you need to have assemblies that work properly!
After finding the issue the first thing I did was to get a dev environment that replicated the problem. The easiest way to do this is to set the trust level in the web.config. You can do this by adding this within the system.web element:
<system.web>
<trust level=”Medium”/>
…other tastey elements…..
</system.web>
In the future I will set this before I start programming anything - probably good practice when you know you will be deploying to a medium trust environment but I will put that down to a lesson learnt!
After that you need to build Castle from source with a few additional parameters to make it run in medium trust. To do this you need to check it out from SVN. I had a few problems here too with SVN externals. I ended up getting the latest version of tortoise and checking it out on a Windows 7 VM I had running.
Check it out from here: http://svn.castleproject.org:8080/svn/castle/trunk/
Once fully checked out, open a cmd promt and navigate to the the root of the checked out directory. run this command:
build.cmd -D:assembly.allow-partially-trusted-callers=true release quick build
Watch the window for any errors and please read the error messages if you get any. I got one in relation to not having the .NET 2.0 SDK installed, so guess what - I installed it and tried again and it worked!
OK great now we have some assemblies that will run under medium trust. Copy these over the old versions and make sure you perform a clean build. Thats Castle sorted right? WRONG! It still won’t work.
I then had an issue with Castle.Service.Transations. Read this for more information (http://stackoverflow.com/questions/1038914/using-castle-windsor-and-the-nhibernate-facility-on-shared-hosting). OK no probs got that sorted by registering it in my container:
container.Register(Component
.For(typeof (IActivityManager))
.ImplementedBy(typeof (TLSActivityManager)));
OK we are still not there - a couple more things to do in the web.config. You need to add the requirePermission=”false” attribute the the castel section:
<section name=”castle” requirePermission=”false” type=”Castle.Windsor.Configuration.AppDomain.CastleSectionHandler, Castle.Windsor”/>
I also disabled the NHibernate reflection optimiser:
<item key=”reflection-optimizer”>false</item>
OK almost there - the app will now run. Next was the problem of URL’s and the fact I was not allowed a wild card mapping - fine - no probs, lets update the routing. I changed my routing to the following:
routes.MapRoute(
"Default",
"{controller}.aspx/{action}/{id}",
new {controller = "Home", action = "Index", id = ""},
new[] {”ANAMESPACE.Core.Controllers”});
Yay! That works! There is only one more problem. If I go to / then it can’t find a route regardless of the default file settings. So a bit of a workaround was to add another route after the usual default:
routes.MapRoute(
"",
new { controller = "Home", action = "Index", id = "" },
new[] { “ANAMESPACE.Core.Controllers” });
This feels very wrong and I don’t like it! There must be a better way.
Anyway - screw you shared hosting and medium trust!
