Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Change CallContext to AsyncLocal #64

Closed
pengweiqhca opened this issue Nov 15, 2021 · 5 comments · Fixed by #65
Closed

Change CallContext to AsyncLocal #64

pengweiqhca opened this issue Nov 15, 2021 · 5 comments · Fixed by #65
Labels
enhancement help wanted

Comments

@pengweiqhca
Copy link
Contributor

Refactoring HttpRequestMessageProvider, change CallContext to AsyncLocal.

System.Security.SecurityException : Type System.Runtime.Remoting.ObjRef and the types derived from it (such as System.Runtime.Remoting.ObjRef) are not permitted to be deserialized at this security level.

Server stack trace: 
   at System.Runtime.Serialization.FormatterServices.CheckTypeSecurity(Type t, TypeFilterLevel securityLevel)
   at System.Runtime.Serialization.Formatters.Binary.ObjectReader.CheckSecurity(ParseRecord pr)
   at System.Runtime.Serialization.Formatters.Binary.ObjectReader.ParseObject(ParseRecord pr)
   at System.Runtime.Serialization.Formatters.Binary.ObjectReader.Parse(ParseRecord pr)
   at System.Runtime.Serialization.Formatters.Binary.__BinaryParser.ReadObjectWithMapTyped(BinaryObjectWithMapTyped record)
   at System.Runtime.Serialization.Formatters.Binary.__BinaryParser.ReadObjectWithMapTyped(BinaryHeaderEnum binaryHeaderEnum)
   at System.Runtime.Serialization.Formatters.Binary.__BinaryParser.Run()
   at System.Runtime.Serialization.Formatters.Binary.ObjectReader.Deserialize(HeaderHandler handler, __BinaryParser serParser, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage)
   at System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Deserialize(Stream serializationStream, HeaderHandler handler, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage)
   at System.Runtime.Remoting.Channels.CoreChannel.DeserializeBinaryRequestMessage(String objectUri, Stream inputStream, Boolean bStrictBinding, TypeFilterLevel securityLevel)
   at System.Runtime.Remoting.Channels.BinaryServerFormatterSink.ProcessMessage(IServerChannelSinkStack sinkStack, IMessage requestMsg, ITransportHeaders requestHeaders, Stream requestStream, IMessage& responseMsg, ITransportHeaders& responseHeaders, Stream& responseStream)

Exception rethrown at [0]: 
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at ......
@tillig
Copy link
Member

tillig commented Nov 15, 2021

I don't understand what you're asking for here. The call stack doesn't appear to have any Autofac components and there's not enough information here to understand why you'd want to change the HttpRequestMessageProvider. I see there's a security related exception, but I don't understand the conditions under which that would occur. Please provide more information so we can understand better the problem and ensure the fix is correct (and that it won't get regressed later).

@pengweiqhca
Copy link
Contributor Author

pengweiqhca commented Nov 16, 2021
edited
Loading

I don't understand what you're asking for here. The call stack doesn't appear to have any Autofac components and there's not enough information here to understand why you'd want to change the HttpRequestMessageProvider. I see there's a security related exception, but I don't understand the conditions under which that would occur. Please provide more information so we can understand better the problem and ensure the fix is correct (and that it won't get regressed later).

Because, I call builder.RegisterHttpRequestMessage(GlobalConfiguration.Configuration) in Startup.cs, and call a remoting service in webapi.

If I delete builder.RegisterHttpRequestMessage(GlobalConfiguration.Configuration) or refactoring HttpRequestMessageProvider use AsyncLocal, I will not get a exception.

@tillig
Copy link
Member

tillig commented Nov 16, 2021

Remoting? 😱 I see. OK, that wasn't clear.

Yeah, we can probably do that. I'm not sure how quickly one of us can do it, but we'd take a PR. We'd also need to make sure it's tested out before we release to make sure the change doesn't break folks. Things don't change much in here and that could be a subtle breaking thing.

@tillig
Copy link
Member

tillig commented Nov 16, 2021

Is there a way to do a local build of Autofac.WebApi so you can test that would fix it? I want to make sure we aren't changing something that won't actually end up helping. Remoting and security context stuff can be a little tricky and changing one thing might reveal the problem to just be something else underneath it.

@pengweiqhca
Copy link
Contributor Author

Is there a way to do a local build of Autofac.WebApi so you can test that would fix it? I want to make sure we aren't changing something that won't actually end up helping. Remoting and security context stuff can be a little tricky and changing one thing might reveal the problem to just be something else underneath it.

I refactoring HttpRequestMessageProvider, and it work well.

@pengweiqhca pengweiqhca mentioned this issue Nov 16, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement help wanted
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Use AsyncLocal hold HttpRequestMessage. pengweiqhca/Autofac.WebApi
2 participants
@tillig @pengweiqhca