3

We are hosting a WCF service (.NET 4.0) in a Windows Service. It works pretty well on most machines, but on some machines it throws the following exception: "Error: An error occurred creating the configuration section handler for system.serviceModel/bindings: That assembly does not allow partially trusted callers." (The full stack trace is at the bottom of this post)

It seems that this exception is somewhat expected in partially trusted environments, but for all we know we are (or should be) running under full trust:

  • Everything is installed on the local C:\ drive
  • The Windows Service is running under an admin account
  • No software restriction policies are set
  • We have not done anything to explicitely run under medium trust

And it turns out that when we remove the binding section from the app.config (and do the configuration in code) then everything works fine. It is just reading that configuration section that is causing the issue.

Questions:

  • So what could be causing this security exception?
  • How can we tell if we are indeed runing under full trust?
  • What computer settings or configuration options do we need to change to avoid this security exception?

Any help is appreciated

Here is the stack trace:

Connect.Host.Connect.InitializeServiceHost(:0) Connect.Host.Connect.InitializeServiceHost(:0) [(null)] - Error: An error occurred creating the configuration section handler for system.serviceModel/bindings: That assembly does not allow partially trusted callers. (C:\Connect\MyApp\Host\Connect.Host.exe.Config line 54), stacktrace:    at System.Configuration.BaseConfigurationRecord.EvaluateOne(String[] keys, SectionInput input, Boolean isTrusted, FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentResult)
   at System.Configuration.BaseConfigurationRecord.Evaluate(FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentResult, Boolean getLkg, Boolean getRuntimeObject, Object& result, Object& resultRuntimeObject)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
   at System.Configuration.BaseConfigurationRecord.GetSection(String configKey)
   at System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(String sectionName)
   at System.Configuration.ConfigurationManager.GetSection(String sectionName)
   at System.ServiceModel.Activation.AspNetEnvironment.UnsafeGetSectionFromConfigurationManager(String sectionPath)
   at System.ServiceModel.Activation.AspNetEnvironment.UnsafeGetConfigurationSection(String sectionPath)
   at System.ServiceModel.Configuration.ConfigurationHelpers.UnsafeGetAssociatedSection(ContextInformation evalContext, String sectionPath)
   at System.ServiceModel.Description.ConfigLoader.LookupChannel(ContextInformation configurationContext, String configurationName, ContractDescription contract, EndpointAddress address, Boolean wildcard, Boolean useChannelElementKind, ServiceEndpoint& serviceEndpoint)
   at System.ServiceModel.ChannelFactory.InitializeEndpoint(String configurationName, EndpointAddress address)
   at System.ServiceModel.ChannelFactory`1..ctor(String endpointConfigurationName, EndpointAddress remoteAddress)
   at System.ServiceModel.EndpointTrait`1.CreateSimplexFactory()
   at System.ServiceModel.ClientBase`1.CreateChannelFactoryRef(EndpointTrait`1 endpointTrait)
   at System.ServiceModel.ClientBase`1.InitializeChannelFactoryRef()
   at System.ServiceModel.ClientBase`1..ctor()
   at Connect.BL.EndpointManager.RegisterEndpoint(Int32 endpointId)
   at Connect.Host.Connect.InitializeServiceHost() for endpoint 0
Daniel
  • 31
  • 3
  • we are also facing the same issue... have not found any solution yet. Any luck in your case? –  Jul 23 '11 at 11:40
  • We have found not solution yet. When I posted the original question it had happened in only a handful of machines on different versions of windows (from XP to Server 2008). But lately it has started to happen very consistently in pretty much every machine. We have had to settle for doing the configuration in code for the time being. – Daniel Aug 09 '11 at 03:33
  • Probably not this, and the question is so old, but it sounds similar to an issue I had with config files causing security exceptions that came down to a pesky "block" option that's set when copying the config file around between machines: http://stackoverflow.com/a/14360663/1039947 – kmp Oct 04 '13 at 10:39

0 Answers0