Configuring components for the medium trust environment
The .NET Framework provides a batch of predefined code access security policies, categorized into several trust levels, which determine the permissions available for applications running on the given machine.
The medium trust level is often used by web hosting providers on shared servers to prevent applications from accessing certain resources that could be harmful to other websites running on the server. Kentico CMS can be used with the default medium trust policy. To run the system under medium trust, you need to follow certain rules. These components require higher than medium trust and must be considered in this situation:
|Components to consider when running under medium trust environment||Configuring the components for medium trust (anchor links)|
|Staging module - ensures synchronization of content between production and live site servers.||Staging (MS Web Services Extensions 3.0)|
|Bounced e-mail monitoring - this feature of the newsletters module tracks the amount of unsuccessfully delivered e-mails.||Bounced e-mail monitoring|
Staging (MS Web Services Extensions 3.0)
This section applies only if you're using the.
The Microsoft.Web.Services3.dll library from the Web Services Extensions 3 (WSE) package which is used by the Staging module requires Full trust permissions because of the low level operations related to the communication protocols. To ensure the proper functionality, the library needs to be registered in the Global Assembly Cache (GAC) of the server. The library is provided by Microsoft and most hosting providers pre-install it on their shared servers.
If you manage the server, please follow these steps:
1. Go to Control panel -> Administrative tools -> Microsoft .NET Framework 2.0 Configuration.
2. Select the Assembly cache, click on Add an Assembly to the Assembly Cache and select the bin\Microsoft.Web.Services3.dll library file from your web project.
3. Delete the bin\Microsoft.Web.Services3.dll file from your web project if it's present.
4. Make sure that your project web.config file contains the following item:
<system.web> ... <compilation debug="false" numRecompilesBeforeAppRestart="100"> <assemblies> ... <add assembly="Microsoft.Web.Services3, Version=184.108.40.206, Culture=neutral, PublicKeyToken=31bf3856ad364e35" /> ... </assemblies> </compilation> ... </system.web>
If you are not able to install the library to the GAC or convince your web host to do so, you may still run Kentico CMS under medium trust, but you will not be able to use the Staging module. If this is the case, you will need to manually remove some of the system components by deleting the bin/Microsoft.Web.Services3.dll file from your web project if it is present.
After these changes, your system will work correctly in a medium trust environment but you will not be able to use content staging operations.
Bounced e-mail monitoring
This section is only relevant if you wish to use the bounced e-mails feature of the newsletters module in a medium trust environment.
To be able to check bounced e-mails, the newsletters module makes use of a component that creates outgoing network connections using POP3, a standard e‑mail protocol for receiving maildrops from an e-mail server. This component requires the SocketPermission for its operation, otherwise it fails when attempting to connect to the server. This permission is denied for applications under medium trust.
If you cannot raise the trust level or create a custom security policy that includes this permission, the only solution is to attempt to convince the hosting providers to grant the SocketPermission to your application. If you are unable to do so, the bounced e‑mail monitoring feature will unfortunately not be functional in a medium trust environment.