Bug #45153 MySQL Connector/Net needs to be in the GAC for Roles.AddUserToRole
Submitted: 28 May 2009 11:34 Modified: 24 Feb 2010 22:29
Reporter: James Gurung Email Updates:
Status: Closed Impact on me:
Category:Connector / NET Severity:S3 (Non-critical)
Version:6.0.3 OS:Any
Assigned to: Reggie Burnett CPU Architecture:Any
Tags: addusertorole, gac, roles, trust

[28 May 2009 11:34] James Gurung
Calling Roles.AddUserToRole in ASP.NET 3.5 with a MySQL 5 membership database throws the following exception:

Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request failed.

Stack trace:
[SecurityException: Request failed.]
   MySql.Data.MySqlClient.MySqlConnection.EnlistTransaction(Transaction transaction) +0
   MySql.Data.MySqlClient.MySqlConnection.Open() +554
   MySql.Web.Security.MySQLRoleProvider.RemoveUsersFromRoles(String[] usernames, String[] rolenames) +245
   System.Web.Security.Roles.RemoveUserFromRole(String username, String roleName) +191
   _default.Page_Load(Object sender, EventArgs e) in ...

The only current workaround is to give the connector full trust or put it in the GAC.

How to repeat:
[28 May 2009 11:38] Tonci Grgin
Hi James and thanks for your report.

I'm a bit puzzled with "The only current workaround is to give the connector full trust or put it in the GAC.". It appears to me there should be no other way than this...
Also, I think this particular problem is already reported so I'll have to check BugsDB before proceeding.
[7 Jul 2009 6:25] Tonci Grgin
Possible duplicate in Bug#45980.
[7 Jul 2009 10:05] Tonci Grgin
Bug#45980 was marked as duplicate of this report. Reggie, please take it in consideration when fixing this.
[16 Oct 2009 17:24] Marco Cianciaruso
any news about this problem?
[12 Nov 2009 11:15] Marco Cianciaruso
Is this bug stil in version 6.1.2 ?? I continue to have the same exception
[4 Feb 2010 15:33] Marco Cianciaruso
Are this bug forgotten???
There is any plan to solve it?
[23 Feb 2010 8:12] Tonci Grgin
I will send note to Reggie.
[23 Feb 2010 8:40] Vladislav Vaintroub
The simplest way to avoid the exception is to set "auto enlist=false" in the connection string.
[24 Feb 2010 22:29] Reggie Burnett
We have already removed usage of TransactionScope from our web providers.  We initially did this to fix our support on Mono but it also fixes this bug.  The fix was included in 5.2.8.  I'm not sure which 6.x version it went into but it is certainly in the most recent releases.

While it does resolve this issue there may still be a problem. Certainly if someone attempts to create their own transactionscope they may have a problem so we still need to investiage what (if anything) we can do about it.