0

I'm new to ASP.NET and IIS and I'm trying to determine how the different trust levels will impact my application. I've read several different guides on what trust levels are intended to accomplish but I'm not sure what's going on here. My goal is to grant least privilege, but anything lower than full trust produces an exception. The "high" trust level gives the following message:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

The stack trace is as follows:

[SecurityException: Request failed.] System.RuntimeTypeHandle.GetTypeByName(String name, Boolean throwOnError, Boolean ignoreCase, Boolean reflectionOnly, StackCrawlMarkHandle stackMark, IntPtr pPrivHostBinder, Boolean loadTypeFromPartialName, ObjectHandleOnStack type) +0 System.RuntimeTypeHandle.GetTypeByName(String name, Boolean throwOnError, Boolean ignoreCase, Boolean reflectionOnly, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean loadTypeFromPartialName) +95 System.Type.GetType(String typeName) +61 System.CodeDom.Compiler.CompilerInfo.get_IsCodeDomProviderTypeValid() +14 System.Web.Compilation.CompilationUtil.GetRecompilationHash(CompilationSection ps) +2289 System.Web.Configuration.CompilationSection.get_RecompilationHash() +107 System.Web.Compilation.BuildManager.CheckTopLevelFilesUpToDateInternal(Int64 cachedHash) +516 System.Web.Compilation.BuildManager.CheckTopLevelFilesUpToDate(Int64 cachedHash) +57 System.Web.Compilation.BuildManager.ExecutePreAppStart() +148 System.Web.Hosting.HostingEnvironment.Initialize(ApplicationManager appManager, IApplicationHost appHost, IConfigMapPathFactory configMapPathFactory, HostingEnvironmentParameters hostingParameters, PolicyLevel policyLevel, Exception appDomainCreationException) +734

Does anyone know what operation is causing this?

Edit: Not a duplicate (as far as I can see). The type of exception in the other question is an HttpAntiForgeryException, with detail string:

The anti-forgery token could not be decrypted. If this application is hosted by a Web Farm or cluster, ensure that all machines are running the same version of ASP.NET Web Pages and that the configuration specifies explicit encryption and validation keys. AutoGenerate cannot be used in a cluster.

The exception I encountered is a SecurityException and the call stack differs.

Oloff Biermann
  • 706
  • 5
  • 18
  • Possible duplicate of [An unhandled exception was generated during the execution of the current web request.\[HttpAntiForgeryException\]](https://stackoverflow.com/questions/40309374/an-unhandled-exception-was-generated-during-the-execution-of-the-current-web-req) – Rai Vu Mar 03 '18 at 06:25
  • "I'm new to ASP.NET and IIS and I'm trying to determine how the different trust levels will impact my application." Say goodbye to that. Microsoft confirms partial trust won't give you any more security. https://support.microsoft.com/en-ca/help/2698981/asp-net-partial-trust-does-not-guarantee-application-isolation – Lex Li Mar 03 '18 at 16:02
  • Are you running in multiple versions of IIS, ex. debugging on IIS Express and deploying the app to a server and seeing different behavior? [This](https://stackoverflow.com/questions/38295216/securityexception-thrown-on-deployment) question's answer might be of help. – Poosh Mar 03 '18 at 22:34

0 Answers0