I am using Fluent NHibernate 1.2, NH 3.1 with castle for proxy generation. I am trying to run the application (A simple win-forms app) as a non-admin user and seeing the exception:
Unable to obtain public key for StrongNameKeyPair. Previously (I'm not sure what I did to get around that step), the exception was Creating a proxy instance failed.
Some blog posts from 2010 suggest that Castle's dynamic proxy may have problems with medium trust scenarios, so I've tried my luck with sn -m n but that doesn't seem to do much.
Is anyone familiar with this behaviour?
Thanks, JK
Edit:
The application call that generates this exception is a simple LINQ over a NHibernate session.
Here's the top of the stack trace (the whole thing is ~ 60 lines long):
mscorlib.dll!System.Reflection.StrongNameKeyPair.ComputePublicKey() + 0xca bytes
mscorlib.dll!System.Reflection.StrongNameKeyPair.PublicKey.get() + 0x15 bytes
mscorlib.dll!System.Reflection.Emit.AssemblyBuilder.AssemblyBuilder(System.AppDomain domain = {System.AppDomain}, System.Reflection.AssemblyName name = {System.Reflection.AssemblyName}, System.Reflection.Emit.AssemblyBuilderAccess access = Run, string dir = null, System.Security.Policy.Evidence evidence = null, System.Security.PermissionSet requiredPermissions = null, System.Security.PermissionSet optionalPermissions = null, System.Security.PermissionSet refusedPermissions = null, ref System.Threading.StackCrawlMark stackMark = LookForMyCaller, System.Collections.Generic.IEnumerable<System.Reflection.Emit.CustomAttributeBuilder> unsafeAssemblyAttributes = null, System.Security.SecurityContextSource securityContextSource = CurrentAssembly) + 0x4b8 bytes
mscorlib.dll!System.Reflection.Emit.AssemblyBuilder.InternalDefineDynamicAssembly(System.Reflection.AssemblyName name, System.Reflection.Emit.AssemblyBuilderAccess access, string dir, System.Security.Policy.Evidence evidence, System.Security.PermissionSet requiredPermissions, System.Security.PermissionSet optionalPermissions, System.Security.PermissionSet refusedPermissions, ref System.Threading.StackCrawlMark stackMark, System.Collections.Generic.IEnumerable<System.Reflection.Emit.CustomAttributeBuilder> unsafeAssemblyAttributes, System.Security.SecurityContextSource securityContextSource) + 0x7e bytes
mscorlib.dll!System.AppDomain.InternalDefineDynamicAssembly(System.Reflection.AssemblyName name, System.Reflection.Emit.AssemblyBuilderAccess access, string dir, System.Security.Policy.Evidence evidence, System.Security.PermissionSet requiredPermissions, System.Security.PermissionSet optionalPermissions, System.Security.PermissionSet refusedPermissions, ref System.Threading.StackCrawlMark stackMark, System.Collections.Generic.IEnumerable<System.Reflection.Emit.CustomAttributeBuilder> assemblyAttributes, System.Security.SecurityContextSource securityContextSource) + 0x2c bytes
mscorlib.dll!System.AppDomain.DefineDynamicAssembly(System.Reflection.AssemblyName name, System.Reflection.Emit.AssemblyBuilderAccess access) + 0x2b bytes
Castle.Core.dll!Castle.DynamicProxy.ModuleScope.CreateModule(bool signStrongName = true) + 0x1fa bytes
Castle.Core.dll!Castle.DynamicProxy.ModuleScope.ObtainDynamicModuleWithStrongName() + 0x9d bytes
Castle.Core.dll!Castle.DynamicProxy.ModuleScope.ObtainDynamicModule(bool isStrongNamed = true) + 0x2b bytes
Castle.Core.dll!Castle.DynamicProxy.ModuleScope.DefineType(bool inSignedModulePreferably = true, string name = "Castle.Proxies.Invocations.Entity`1_Equals", System.Reflection.TypeAttributes flags = Public | Serializable) + 0x5a bytes
Castle.Core.dll!Castle.DynamicProxy.Generators.Emitters.ClassEmitter.CreateTypeBuilder(Castle.DynamicProxy.ModuleScope modulescope = {Castle.DynamicProxy.ModuleScope}, string name = "Castle.Proxies.Invocations.Entity`1_Equals", System.Type baseType = {Name = "InheritanceInvocation" FullName = "Castle.DynamicProxy.InheritanceInvocation"}, System.Collections.Generic.IEnumerable<System.Type> interfaces = {System.Type[0]}, System.Reflection.TypeAttributes flags = Public | Serializable, bool forceUnsigned = false) + 0x68 bytes
Pretty silly - after a bit of trial and error I found that the Guest account is the problem. Creating a new account, when that account is in the Users group worked. The Guest account is far more restrictive than other accounts, but I probably assumed it can do certain things which it can't...
I'll leave it at that as I'm not expecting a "Guest user" for this application.