Feed Icon  


  • Bryant Likes
  • Send mail to the author(s) E-mail
  • twitter
  • View Bryant Likes's profile on LinkedIn
  • del.icio.us
Get Microsoft Silverlight
by clicking "Install Microsoft Silverlight" you accept the
Silverlight license agreement

Hosting By

Hot Topics


Open Source Projects



Accessing Databases via Custom Code

Posted in Reporting Services | General at Wednesday, July 21, 2004 7:10 AM Pacific Daylight Time

Another good question in response to my Custom Code in Report Services article.

I am trying to access a database through a custom assembly and I already have the following in the rssrvpolicy.config file , but I still get the #Error. [snip] Do I need an associated permission set? And what would that be if I do, I dont know?

The answer that yes you do need an associated permission set. If you're using the System.Data.SqlClient to connection to a SQL Server database then you will need the SqlClientPermission. This would look like:

    Description="A special permission set that grants sql access.">
      Flags="Execution, Assertion"

So where did I get this information from? I already knew that the SqlClientPermission was what I needed from some previous projects and I was able to determine what the IPermission section should look like based on Lamont's post. However, this brings up something that I've been unable to figure out: how do you figure out what should be in the IPermission section?

Maybe I'm just missing it but I read through a few CAS articles and I've searched through the documentation and yet somehow this remains a total mystery to me. Is this documented somewhere? Can you point me to it?

The question (from above) continues:

And do I need to do step 3 and 4 of your article for my custom assembly if I am only accessing a database from my function.
And If I do, what would step 3 and 4 be?

Yes you do need to do steps 3 and 4. Step 4 would be exactly the same. In step 3 you would need to assert the SqlClientPermission on your method as follows:

<SqlClientPermission(SecurityAction.Assert)> _
Public Shared Function Foo() as String

public static string Foo()

I'm going to go back and read up some more on CAS. It is something every .Net developer should understand.


For some reason when I was testing this I was getting a security exception even though I was asserting SqlClientPermission on the method call. I found I had to actually assert the permission in my code before it would work. The code I used is posted below. I would really like to understand this better but I'm actually heading out of town for a few days with my wife for our 1st wedding anniversary.

Dim perm as SqlClientPermission new SqlClientPermission(PermissionState.Unrestricted)

SqlClientPermission perm = new SqlClientPermission(PermissionState.Unrestricted);


Wednesday, July 21, 2004 10:08:00 PM (Pacific Daylight Time, UTC-07:00)
Bryant is too good. Your the man!
Monday, September 13, 2004 2:45:00 PM (Pacific Daylight Time, UTC-07:00)
The reason you need initiate permission object in your code is that you did not assert unrestricted permission on your permissio attributes for the protected method.
<br>using this one should eliminate the usage of instance of sqlclientpermission in your code:
<br>[Visual Basic]
<br><SqlClientPermission(Permissions.SecurityAction.Assert, Unrestricted:=True)>
<br>[SqlClientPermission(Permissions.SecurityAction.Assert, Unrestricted=True)]
<br>Henry Wang
Henry Wang
Tuesday, September 28, 2004 12:29:00 AM (Pacific Daylight Time, UTC-07:00)
I was wondering if it is possible to access authentication cookie values directly from cutom code. I am using custom authentication. I tried accessing it with HttpCookie class after referencing system.web. It didn't give an error at compile time but gives one at runtime. Do you know if it's possible.
<br>Do I need an associated permission set? Do you know what the IPermission section should in this case
<br>Any sample code would be helpful.
Wednesday, October 13, 2004 2:10:00 AM (Pacific Daylight Time, UTC-07:00)
Hi,Bryant, Can you help me to figure out how to reference other instance(like in other businee lay) which in the different project in Custom Code.
<br>For Example, I have a
<br>Function getString(parm1,parm2) as String
<br>dim s as new aObjectFromBusinessLay-----((this object have database access)))
<br> s.ID=123
<br> s.Load()
<br> getString=s.getString()
<br>End Function
<br>If I call this function in web form I can get the right result so the function its self work. But when I treat it as Custom Assemply code and reference in report as instance base custom code. I can do any instance base custom code if not use any reference to another object in my function. I try to follow your article to change the associated permission set in the policy config file. I still get the #error in my report.
Thursday, October 14, 2004 9:40:00 PM (Pacific Daylight Time, UTC-07:00)
Thanks a lot, you helped me.
Brano Gerzo
Monday, November 1, 2004 4:51:00 AM (Pacific Standard Time, UTC-08:00)
I still get the #Error (Security Exception) and I have done everything that both your articles say. Any other suggestions?
<br>Thanks for doing this, btw.
Thursday, March 30, 2006 12:43:38 AM (Pacific Standard Time, UTC-08:00)
This has really helped me out, and I am very grateful.
Ed Allison
Saturday, November 11, 2006 2:31:19 AM (Pacific Standard Time, UTC-08:00)
Hi everyone. :)
Has anyone managed to get this to work with Visual Studio 2005? I'm using C# where I wrote a custom assembly for my Reporting Services (SQL 2005) and I am still stuck with all these permissions problems.
Thanks a mil,
Comments are closed.