0

Edit FIXED!: I feel silly; So after days of investigation and debugging and what not, the answer is/was that the websites were setup the same except for one place I never thought to look; the directories on the live site were inadvertently created using an administrative share instead of the local physical path on the server. After switching the path on the live site, the API works as intended with the rest of the code.

Original Problem:

I have two websites that are hosted on the same server within the same app pool. Website 1 is my testing bed. I have a small class that attempts to call a 3rd part function that basically equates to verifying that a given user exists in the 3rd party's allowable users. If so, it returns true, else returns false. If the return is true, it will redirect to this third party otherwise the user doesn't know anything about the 3rd party.

On my development site, I have the code working 100% without errors, and I get the expected outcome in either case. It's always worked here, never been a problem. However, when I move it to the live site, I get Request for the permission of type 'System.Net.WebPermission, Failed . After extensive googling I am still left puzzled, it's been days. Here's why I am so puzzled:

  1. The server and account that the live and dev site run under are identical.
  2. Their app pools are one in the same
  3. The code is 100% identical.
  4. The web.configs are identical.

Perhaps the single most puzzling part of this is that I use a master-page system in vb.net . The code actually executes in the page_load event of the master-page. The dev site runs without issue, but as soon as you even try to load the page, the code throws the exception. The strangest part is that if I take the code out of the master-page page_load and create a new blank page with nothing but this call and the page_load code that calls it, it works.

I've examined this master-page so thoroughly, and I cannot believe it works on dev but not live, and I was completely taken aback yesterday when my experiment with a new page and the same code worked on the live site.

What I've tried so far in trying to resolve this:

  1. Load user profile = true in the AppPool
  2. Did a direct compare of the code to ensure it is 1:1
  3. Verified permission for the account this runs under
  4. Rebooted web servers
  5. Set Full trust via the web/config

I'm at a loss. Below is the code - it's so simple and yet this problem persists. I cannot figure out why it works on the live site just not with specific page I need it to. Here's the respective code:

Sub page_load()      
    If Not Page.IsPostBack Then
        Dim SFUser As New StorefrontUser
        'Response.Write(SFUser.GetadminticketValue)
        If SFUser.isActiveStorefrontUser = 1 Then
            LBCELink.Style.Add("visibility", "visible")
        Else
            LBCELink.Style.Add("visibility", "hidden")
        End If
    End If
End Sub

And here is the class/function it calls: Public Class StorefrontUser Dim storefront As New SXI.StorefrontAPIHelper("http://subdomain.blah.com/3rdpartyAPI.asmx")

Function isActiveStorefrontUser() As String
    If GetAdminTicket() <> "UNAUTHORIZED ACCESS" Then
        Return storefront.GetValue("UserProperty", "IsActive", storefront.FindUserID(theID))
    Else
        Return "1"
    End If

End Function
Function GetadminticketValue() As String
        Return GetAdminTicket()

End Function
Public Function GetAdminTicket() As String
    Dim ScratchTicket As String = String.Empty
    Try
        ScratchTicket = storefront.ObtainUserTicket("user", "password", "Identity")
    Catch ex As Exception
        HttpContext.Current.Response.Write(ex.ToString)
        ScratchTicket = String.Empty
    End Try
    Return ScratchTicket
End Function

End Class

Works fine on Live site if it's not part of the Master page which it needs to be, works fine on the dev site anywhere. Totally stumped. Apologies if my formatting is poor or if my question lacks clarity; First time caller, long time listener.

One last important piece of information is that a reference to the 3rd party's dll is required to make use of their API - which seems like a valid point of contention except that it works on the blank page I created, just not with this master page which is identical to the dev site's master-page.

Thanks in advance for any light you can shed.

PCPete
  • 1
  • 3
  • Is there anything in the Application Event Log on the server for this web application? You may see an error here with the source being ASP.NET. Often, these kind of errors do get caught and logged here and can give you additional insight. – dash Aug 21 '12 at 12:42
  • It logs that an an unhandled event occurred but nothing helpful beyond that. I can catch the error no problem on the website, but I'm more interested in why it's happening when the same website can run this code otherwise. What would be special about this Master-Page. Thanks! – PCPete Aug 21 '12 at 13:12

0 Answers0