Showing results for 
Search instead for 
Did you mean: 

Code Access Security issues with .Net connector 2.0 & SQL reporting SVCS

Former Member
0 Kudos

Hi to all,

my apologies for the long post, but i have a tough question to all Gurus here around that involves Code access security, SAP Connector for .Net 2.0 and SQL Reporting services 2000.

On my current project we've implemented SQL Reporting Services to provide Reporitng functionalities to an application that interfaces with SAP.

Actually we need to access the data from a SAP RFC in a report, so i've implemented a custom assembly that performs the request to SAP RFC through .Net connector 2.0.

Unfortunately SQL Reporting services has its own policy definition, and because of that using the preview functionality of report designer everything goes ok but when i try to display the report in the report environment i get an error that tells me that the requested FileIOPermission wasn't granted.

A couple of details:

1)i implemented a method named GetData to perform the operation. the method itself instantiates a SAP Proxy class generated by .Net connector 2.0. the code is the following:

public DataSet GetData(string ODV)
string[] fields;
bool firstline=true;
DataSet dsTable=new DataSet();
DataTable dtResults=dsTable.Tables.Add("ZITSD_ODV_CONS");
string result="";
BUSDATATable rfctable=new BUSDATATable();
RFCproxy SAPRFC=new RFCproxy(strcn); <b><= Security Exception thrown here</b>
SAPRFC.Zitsd_Odv_Cons(ODV,ref rfctable);
foreach (BUSDATA BUSDATAtableRow in rfctable)
        if (firstline)
            for (int j=fields.GetLowerBound(0);j<=fields.GetUpperBound(0);j++)
                dtResults.Columns.Add(fields[j].Replace(" ","")+j);
    return dsTable;

the call highlighted in bold calls the following code in RFCproxy class (it's actually here that the exception is thrown):

public RFCproxy(string connectionString) : base(connectionString){


2)I strong named the assembly and modified the policy file to allow fulltrust to the assembly.

3)the workaround i adopted to let it work was to allow fulltrust execution at root level in policy file. In this way everything works fine.

This means that <u>every</u> assembly is fully trusted (and so potentially unsafe).

Does anybody knows what can i do to allow the execution of that code without allowing fulltrust to all code in SQL Reporting Services?

Thank you in advance,


Accepted Solutions (0)

Answers (1)

Answers (1)

Active Contributor
0 Kudos

Have you tried what happens if you turn .NET code-based security off with the command "caspol -s off"?