I wanted to inform our Dashboard module users about a situation, which we missed originally:
DashboardObjectDataSource serializer fails to load a data source type when signed assemblies with a changed version are usedAs you understand, it may occur only when target business types used in XML dashboard definitions with ObjectDataSource are from signed assemblies and the assembly version changes, e.g. when you deliver a new app version to the client:
<DataSources>
<ObjectDataSource ComponentName="dashboardObjectDataSource1">
<Name>Object Data Source 1</Name>
<DataSource Type="YourNamespace.YourObjectType, YourAssemblyName, Version=17.1.6498.1953, Culture=neutral, PublicKeyToken=YourPublicKeyToken" />
</ObjectDataSource>
</DataSources>
Currently, we recommend XAF application developers try a couple of solutions described in that thread, but they are not final solutions. We are currently reviewing them from the security point of view to make sure that the app won't be broken by passing another non-signed dll. For now, this does not seem to be the case, because business type information is obtained using the ReflectionHelper API from the already loaded assemblies, which are protected by the default .NET mechanisms. We just want to double-check or see if there are more suitable options. Ideally, I wish this to be working transparently for an application developer without the need to resolve any assemblies or types manually.
Your feedback is needed!
Have you experienced this behavior in your Dashboard apps? How do you currently cope with it? If there are existing solutions, share their details and also elaborate on their costs. Your feedback is greatly appreciated.
No comments:
Post a Comment