Home/ Questions/Q 7759905
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-01T13:44:41+00:00

I have an ASP.NET MVC4 app which uses DotNetOpenAuth 4.0.1 to authenticate users with

  • 0

I have an ASP.NET MVC4 app which uses DotNetOpenAuth 4.0.1 to authenticate users with an OpenId provider (Google). All works fine on my dev machine (localhost).

However, when I deploy the web application to the server (shared hosting), I get the following error when I attempt to authenticate (specifically, when I try to create an OpenIdRelyingParty):

Inheritance security rules violated while overriding member: ‘DotNetOpenAuth.Messaging.ProtocolException.GetObjectData(System.Runtime.Serialization.SerializationInfo, System.Runtime.Serialization.StreamingContext)’. Security accessibility of the overriding method must match the security accessibility of the method being overriden.

Stack Trace:

DotNetOpenAuth.Messaging.ErrorUtilities.VerifyProtocol(Boolean condition, String message, Object[] args) +0
DotNetOpenAuth.Messaging.Channel.ValidateAndPrepareBindingElements(IEnumerable`1 elements) +524
DotNetOpenAuth.Messaging.Channel..ctor(IMessageFactory messageTypeProvider, IChannelBindingElement[] bindingElements) +316
DotNetOpenAuth.OpenId.ChannelElements.OpenIdChannel..ctor(IMessageFactory messageTypeProvider, IChannelBindingElement[] bindingElements) +48
DotNetOpenAuth.OpenId.ChannelElements.OpenIdRelyingPartyChannel..ctor(ICryptoKeyStore cryptoKeyStore, INonceStore nonceStore, RelyingPartySecuritySettings securitySettings) +52
DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty..ctor(ICryptoKeyStore cryptoKeyStore, INonceStore nonceStore) +570
DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty..ctor() +65
MyProject.Controllers.OpenIdController.Authenticate(String returnUrl) in OpenIdController.cs:81
...

I have heard that DotNetOpenAuth works fine in medium trust, so I was surprised to get an error. How can I fix it? Do I need to modify the DotNetOpenAuth source code or is there a simpler way?

The question seems similar to this one but I wouldn’t know which parts of the source need editing. Also it seems strange that nobody has asked this question before with regard to DotNetOpenAuth so maybe I’m doing something wrong? Please help!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    It looks like you’re running the DotNetOpenAuth build that targets .NET 3.5. A breaking change that .NET 4.0 introduced was the requirement for different security attributes. You can get the DotNetOpenAuth build that targets .NET 4.0 from NuGet.

    • 0