Permission Requirements


Trust Requirements

The WebStore works best in the default ASP.NET Full Trust settings, but it also works in Medium Trust with a few limitations regarding remote network access for potential credit card processing and email confirmations. Please check the following topic for more information and a description on what permissions need to be overridden in Medium Trust for full functionality:

Trust Permission Requirements

Limitations with Limited File Permissions

The Web store expects write access for the web account in the Web virtual root directory and the admin path so that the web.config file can be updated and error log files can be written. The application will run without these settings but you may not be able to use some of the administration forms in the Web application to modify configuration data without them.

Configuration settings and Web.config
Configuration settings in the store are stored in web.config. The administration interface provides the ability to update these configuration values and through the Web Store Configuration page. This page writes values back into Web.config, but it won't work if write permissions are not available.

If you don't have the necessary write permissions the application still runs but any configuration changes made on the Configure Server page will not persist properly into web.config which means any changes made on the admin form work only for the current instance of the store. When the app or IIS recycles the changes are lost.

If you don't have the required permissions for the application to write to web.config you can manually configure the keys in web.config rather than going through the administration interface. You can simply edit the configuration values directly.

By default several of the configuration keys are encrypted - in order to edit these values by hand you will have to remove the encryption functionality and you can do so by modifying the WebStoreConfig.cs file in the Westwind.WebStore.Business project.

Simply comment out the the this.SetEncryption line of code in the constructor:

/// <summary>
/// Custom Constructor that handles Encryption and using a custom Configuration Section
/// </summary>
 public WebStoreConfig()
 {
    // *** You should apply a password here if you are worried about encryption
    // this.SetEncryption("ConnectionString,MailPassword,CCMerchantPassword,WebServicePassword", "AppPassword");
    this.ReadKeysFromConfig();
 }

and recompile the application.

Note that this will break any existing values in these keys, but you can now enter plain text values into all settings.

 Last Updated: 1/10/2008 | Send topic feedback