I created a brand new Visual Studio 2013 ASp.net MVC application off of the default MVC template. However I am getting an error message Request for the permission of type 'System.Security.Permissions.ReflectionPermission failed.
Is it possible to turn off this Reflection Permission so the site still works?
here is my web.config
<?xml version="1.0" encoding="utf-8"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=301880
-->
<configuration>
<configSections>
<section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
<!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
</configSections>
<connectionStrings>
<add name="MyDb" connectionString="Data Source=x.x.com;Initial Catalog=x;User Id=x;Password=x;" providerName="System.Data.SqlClient" />
</connectionStrings>
<appSettings>
<add key="webpages:Version" value="3.0.0.0" />
<add key="webpages:Enabled" value="false" />
<add key="ClientValidationEnabled" value="true" />
<add key="UnobtrusiveJavaScriptEnabled" value="true" />
</appSettings>
<system.web>
<trust level="Full" />
<customErrors mode="Off"/>
<authentication mode="None" />
<compilation targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
</system.web>
<system.webServer>
<modules>
<remove name="FormsAuthenticationModule" />
</modules>
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-5.0.0.0" newVersion="5.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="0.0.0.0-1.5.2.14234" newVersion="1.5.2.14234" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Antlr3.Runtime" publicKeyToken="eb42632606e9261f" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-3.5.0.2" newVersion="3.5.0.2" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<entityFramework>
<defaultConnectionFactory type="System.Data.Entity.Infrastructure.LocalDbConnectionFactory, EntityFramework">
<parameters>
<parameter value="v11.0" />
</parameters>
</defaultConnectionFactory>
<providers>
<provider invariantName="System.Data.SqlClient" type="System.Data.Entity.SqlServer.SqlProviderServices, EntityFramework.SqlServer" />
</providers>
</entityFramework>
</configuration>
Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.ReflectionPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
[SecurityException: Request for the permission of type >'System.Security.Permissions.ReflectionPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.] System.Delegate.DelegateConstruct(Object target, IntPtr slot) +0 Owin.Loader.DefaultLoader..ctor(Func
3 next, Func
2 activator, IEnumerable1 referencedAssemblies) +69 Microsoft.Owin.Host.SystemWeb.OwinBuilder.GetAppStartup() +65 Microsoft.Owin.Host.SystemWeb.OwinHttpModule.InitializeBlueprint() +28 System.Threading.LazyInitializer.EnsureInitializedCore(T& target, Boolean& initialized, Object& syncLock, Func
1 valueFactory) +115 Microsoft.Owin.Host.SystemWeb.OwinHttpModule.Init(HttpApplication context) +106 System.Web.HttpApplication.RegisterEventSubscriptionsWithIIS(IntPtr appContext, HttpContext context, MethodInfo[] handlers) +418 System.Web.HttpApplication.InitSpecial(HttpApplicationState state, MethodInfo[] handlers, IntPtr appContext, HttpContext context) +172 System.Web.HttpApplicationFactory.GetSpecialApplicationInstance(IntPtr appContext, HttpContext context) +336 System.Web.Hosting.PipelineRuntime.InitializeApplication(IntPtr appContext) +296
I tried to add
<trust level="Full" />
to my Web.Config system.Web section but that didn't work as I got a
This configuration section cannot be used at this path. This happens when the site administrator has locked access to this section using from an inherited configuration file.
it is shared hosting at 1and1.com and they won't give me full trust.
http://www.codeproject.com/Questions/586223/SecurityplusExceptionpluscomingplusinplusaplusrunn
Solution 4 System.Security.SecurityException: Request for the permission of type 'System.Net.SocketPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed
following solution of above error
<system.web>
<customErrors mode="Off"/>
<trust level="Full" />
</system.web>
Works for my en godady hosting
I asked the asp.net team directly and this was their response
We officially announced that partial trust is no longer a trust boundary for the purposes of application isolation last year (http://support.microsoft.com/kb/2698981) and as such our recommendation to shared hosting providers is to not use it anymore. Moving forward, we will not be supporting partial trust for new framework features we develop for this reason.
I know lots of people using shared hosting and since host providers won't ever give full trust to their shared hosting products I am guessing Microsoft made this decision so they can get more clients on Azure.
Puts us small developers who have clients sold on shared hosting in a predicament. Either go to more expensive hosting or jump to azure.
If you have the following conditions:
1) Must use Trust Level Medium or lower due to mandatory security requirements.
2) Using ASP.Net 4.5
3) Do not need to use Owin to allow external authentication providers, like Google or Facebook.
4) The application error information shows that Owin is involved in preventing your application from starting up under Medium Trust.
You can add the following line to your web.config AppSettings section to disable Owin and you should be able to get your program running at Medium trust levels:
<add key="owin:AutomaticAppStartup" value="false" />
Partial trust is not supported for Microsoft.Owin.Host.SystemWeb package. This is the package which helps running OWIN middlewares on IIS integrated pipeline. This assembly does reflection to detect & load the OWIN Startup class. You can turn off this by adding an appSetting , but unfortunately OWIN middlewares will not work as the Startup detection is disabled. Short answer - not possible to run on partial trust.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With