Security Exception : assembly does not allow partially trusted callers

Dec 25, 2009 at 10:03 AM

Combres worked perfectly in the development environment until I deployed it to my hosting site. I then received the following error:

 

[SecurityException: That assembly does not allow partially trusted callers.]

ECA.Global.Application_Start(Object sender, EventArgs e) in Global.asax.cs:18

 

Is there a work-around ? Apparently the AllowPartiallyTrustedCallersAttribute should be applied to the Combres assembly - but I don't see anybody else having the same problem?

Coordinator
Dec 26, 2009 at 1:40 PM

Thanks for reporting this issue.  Combres doesn't support partially trusted environment yet.  I'll look into this.  I've created a tracking ticket here: http://combres.codeplex.com/WorkItem/View.aspx?WorkItemId=5656.

Dec 26, 2009 at 5:24 PM

Thanks Buu - Combre is really a great product. Is there anybody who has managed to get around the issue in a shared web hosting environment? I have tried each of the following:

1. Added the partially trusted callers attribute to the Combres assembley and built it to use a new dll

2. Signed my project

But neither worked, and maybe I am misunderstanding the cause of the problem. What would make the environment fully trusted ?

 

Coordinator
Dec 28, 2009 at 2:02 AM
Edited Dec 28, 2009 at 2:05 AM

@guj: it's more complicated than that.  Applying that attribute only means the assembly can be invoked by partially trusted code, it doesn't grant the assembly all the permissions to do all things in the system, which is quite another story.  Combres under the hood do stuff like reflection and referenced 3rdparty library like YUI, MSAjax Minifier might or might not do things which require other permissions.  The problem is that in a shared host environment, the admin usually doesn't grant assemblies certain permissions, e.g. using reflection, and that means there's no way assemblies employing these features can properly function.  Addressing this problem means to modify the assembly to not make use of features requiring permissions usually not granted in shared host environments.  Some of this is doable, some is not.  The best I can do is to avoid using as many of these features as possible, without sacrificing other factors like performance, maintainability.  Or I can use some conditional symbols to separate the code path for full-trust and partially-trust environment.  This is not trivial work.  Even after it's done, certain permissions are still required by the assembly and depending on the hosting provider you use, you might need to request the admin to relax the rules on your assembly a bit.  (You can try your luck and ask to grant your web apps full-trust now, or simply more permissions, now - who knows :-) .)