Hi, I've forked hornget and added support for building with APTCA. See http://github.com/roelofb/hornget/tree/dev
run 'hornget -install:castle.windsor -mode:aptca' The following projects can be build with APTCA: Core, DP, Windsor, and AR. AR's 3rd party dependencies are also create with APTCA. I have not tested it for real on medium trust, but all assemblies have the necessary attribute so theoretically it should work. No guarantees though. -- Roelof. On Tue, Feb 16, 2010 at 9:54 AM, Roelof Blom <[email protected]> wrote: > Hi, > > To build Windsor with APTCA you'll need to jump through the following > hoops: > > 1. svn co https://svn.castleproject.org/svn/castle/Core/trunk Core > 2. svn co > https://svn.castleproject.org/svn/Castle/DynamicProxy/trunkDynamicProxy > 3. svn co > > https://svn.castleproject.org/svn/Castle/InversionOfControl/trunkInversionOfControl > 4. cd Core > 5. nant -D:assembly.allow-partially-trusted-callers=true > -D:common.run-tests=false -D:project.config=release > 6. copy /y build\net-3.5\release\Castle.Core.* > ..\DynamicProxy\lib\net-3.5 > 7. copy /y build\net-3.5\release\Castle.Core.* > ..\InversionOfControl\lib\net-3.5 > 8. copy /y build\net-3.5\release\Castle.Services.* > ..\InversionOfControl\lib\net-3.5 > 9. cd ..\DynamicProxy > 10. nant -D:assembly.allow-partially-trusted-callers=true > -D:common.run-tests=false -D:project.config=release > 11. copy /y build\net-3.5\release\Castle.DynamicProxy2.* > ..\InversionOfControl\lib\net-3.5 > 12. cd ..\InversionOfControl > 13. nant -D:assembly.allow-partially-trusted-callers=true > -D:common.run-tests=false -D:project.config=release > > You can find the APTCA assemblies in > InversionOfControl\build\net-3.5\release. > Please let me know if this worked for you. > > I am the first to agree that this is a lot work, and back before we split > the trunk into individual projects, with binary instead of source > dependencies, this used to be a lot easier. I don't know if hornget > <http://code.google.com/p/hornget/>has a mode to build with APTCA. > > -- Roelof. > > > > > On Tue, Feb 16, 2010 at 7:43 AM, BSP <[email protected]> wrote: > >> Thanks for the reply Hammett. >> >> Thing is, it's just frustrating to get jazzed about something, then >> not be able to put it into play. I'm fairly stoked about MVC and I can >> do it without IoC, but I'd really rather not. I'm sure the >> implications of running medium vs. full trust are significant, but as >> far as I can tell from my blog browsing the last few days after work, >> there seem to be a large number of providers running under medium >> trust. I'm personally using godaddy (for now ... but probably not for >> long) and it seems there are many others. At least now I know one more >> thing to ask about when I'm shopping other hosts. >> >> As for my current situation, it seems it would be better for someone >> familiar with the project to run a stable build with the partial trust >> setting rather than having someone completely unfamiliar with the code >> base trying to fire one off. I know the idea behind OS it to get >> people involved, but I just pulled down around 150 MB of code and dlls >> that I've never seen before and ran a build process that I obviously >> don't know how to diagnose problems with. It seems too that with the >> amount of dialog I've read on it, there are going to be people (like >> me) that don't know what they are doing flubbing the build in growing >> numbers. And the MS MVC dlls that I had to bin deploy seem fine ... so >> I assume they are ok with medium trust. >> >> And, I'm not trying to bag on the contributors. Castle seems pretty >> top notch and introduces a cool new way to do things. But, a partial >> trust build would sure hit the spot. :) >> >> Anyway, I'll keep an eye on this chain and hopefully have some free >> time this week to try and get a good build going with the appropriate >> flags. It's just a really time consuming process ... >> >> Cheers, >> B >> >> >> >> On Feb 16, 12:18 am, hammett <[email protected]> wrote: >> > I hear you, but it's not a simple solution. It wont matter if us aptca >> > all our code, our dependencies (and their dependencies) also need to >> > do it. Security is pervasive thing and so far OSS projects dont seem >> > to be paying much attention to it. aptca has a big security >> > implication, that's why I think the castle team doesnt provide a >> > ready-to-use build with it. >> > >> > The simplest solution is security transparency, but even that is >> > complicated in .net 3.5. In v4.0 things got simplified and I'm hoping >> > castle team will make an effort to adopt it and persuade others to do >> > the same, as to lower the amount of hassle it creates for our users. >> > >> > >> > >> > >> > >> > On Mon, Feb 15, 2010 at 10:02 PM, BSP <[email protected]> wrote: >> > > Guys, I'm trying to learn MS MVC. I bought Steve Sanderson's book Pro >> > > MVC which praises Castle throughout most of the book. It is all slick >> > > and works well on my local machine. I've really enjoyed learning the >> > > basics of IoC. Problem: As soon as I try to deploy to a medium trust >> > > environment, no go. >> > >> > > I've spent the last two days trying to figure out a way to get this >> > > going. I've read countless posts, googled till I can google no more, >> > > and all signs point to a full rebuild of the Castle project. Now, >> > > frankly, that's more than I bargained for with the purchase of the >> > > book, but I like the technology and I'm a developer ... I know how to >> > > use SVN ... what the hey right? The link I originally found on this >> > > group here (http://tinyurl.com/yhj5yga) posted by 'Roelof' pointed me >> > > to an SVN location. I grabbed the code, ran the build command and it >> > > all blowed up on the same error the above poster is having. So now I'm >> > > really getting frustrated. I really don't have the time to debug the >> > > reasons I can't grab a large base of code off the net and get it to >> > > build on my crappy home Vista box. I'm sure the reasons are many and >> > > varied. Mark, from above, has made it farther than I could in a week. >> > >> > > So, my question is this. Would it be at all possible to get someone >> > > involved in this project to create a medium trust build and post it to >> > > the project site? It seems to be a fairly common request. >> > >> > > You'd be hooking all of us medium-trust-crappy-host-service-provider- >> > > having-slugs up and we'd really owe you one. >> > >> > > Best Regards, >> > > B >> > >> > > On Feb 15, 10:51 pm, Mark <[email protected]> wrote: >> > >> What's the best way to check whether APTCA is being applied? >> > >> > >> So far I've been testing for it through trial and error as I'm not >> > >> aware of a better way... >> > >> > >> If I use a build without the -D:assembly.allow-partially-trusted- >> > >> callers=true argument when I try to use active record in medium trust >> > >> I get a SecurityException at: >> > >> > >> IConfigurationSource source = ActiveRecordSectionHandler.Instance; >> > >> > >> With the allow-partially-trusted-callers=true it makes it to the line >> > >> in ActiveRecordStarter.cs that I referenced in my earlier post. >> > >> > >> I've tried adding [assembly: AllowPartiallyTrustedCallersAttribute] >> to >> > >> the ActiveRecordModelBuilder.cs file but when I try to compile it, I >> > >> receive the compile error: >> > >> > >> CS0579: Duplicate 'AllowPartiallyTrustedCallersAttribute' >> > >> > >> Thanks in advance, >> > >> Mark >> > >> > >> On Feb 15, 7:56 pm, hammett <[email protected]> wrote:> Could you >> check whether the APTCA is being applied to the >> > >> > castle.activerecord.dll? >> > >> > >> > On Mon, Feb 15, 2010 at 5:45 PM, Mark <[email protected]> >> wrote: >> > >> > > I've gone through and built Castle.Core, Castle.ActiveRecord, and >> > >> > > Castle.DynamicProxy with >> > >> > >> > -- >> > >> > Cheers, >> > >> > hammetthttp://hammett.castleproject.org/ >> > >> > > -- >> > > You received this message because you are subscribed to the Google >> Groups "Castle Project Users" group. >> > > To post to this group, send email to >> [email protected]. >> > > To unsubscribe from this group, send email to >> [email protected]<castle-project-users%[email protected]> >> . >> > > For more options, visit this group athttp:// >> groups.google.com/group/castle-project-users?hl=en. >> > >> > -- >> > Cheers, >> > hammetthttp://hammett.castleproject.org/- Hide quoted text - >> > >> > - Show quoted text - >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Castle Project Users" group. >> To post to this group, send email to >> [email protected]. >> To unsubscribe from this group, send email to >> [email protected]<castle-project-users%[email protected]> >> . >> For more options, visit this group at >> http://groups.google.com/group/castle-project-users?hl=en. >> >> > -- You received this message because you are subscribed to the Google Groups "Castle Project Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/castle-project-users?hl=en.
