Home/ Questions/Q 372431
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-12T14:12:36+00:00

I’m trying to get an ASP.NET MVC app working… I should have known it

  • 0

I’m trying to get an ASP.NET MVC app working… I should have known it wouldn’t be easy. The first few pages work, but they are all static. The first time a Controller is executed I get the exception below.

Here is the Controller action method:

[AcceptVerbs(HttpVerbs.Get)]
public ActionResult Index(Section? section, int? parent)
{
    if (section == null)
    {
        return RedirectToAction("Index", "Questions", new {section = Section.Section0});
    }

    IPagedList<Question> questions = _surveyService.FetchQuestions(User.Identity.Name, section.Value, parent);

    // ...

    ViewResult result = View("Index", questions);
    result.ViewData.Add("CurrentSection", section.Value);
    result.ViewData.Add("Parent", parent);
    result.ViewData.Add("IsLastPage", questions.IsLastPage);

    return result;
}

The exception is thrown in the second line of the method at RedirectToAction().

Background:

  • I’ve followed the instructions in this answer.
  • I’m not using reflection or demanding security explicitly in my code.
  • I’m using MVC, LINQ to SQL, Elmah, and PagedList.
  • I’m using IIS 7 with
    Integrated mode.
  • I added [assembly:
    AllowPartiallyTrustedCallers    ] to my
    AssemblyInfo.cs. I did this because I found another Stack Overflow question that had an answer recommending it (I can’t find it now, or else I would provide a link). I also strong named my assemblies as suggested by Rex M’s answer below.

What am I missing to make this work?

The exception:

Server Error in '/surveys/objectification' Application.
    Security Exception
    Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

    Exception Details: System.Security.SecurityException: That assembly does not allow partially trusted callers.

    Source Error:

    An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

    Stack Trace:

    [SecurityException: That assembly does not allow partially trusted callers.]
       SelfObjectificationSurvey.Web.Controllers.QuestionsController.Index(Nullable`1 section, Nullable`1 parent) +0
       lambda_method(ExecutionScope , ControllerBase , Object[] ) +123
       System.Web.Mvc.ActionMethodDispatcher.Execute(ControllerBase controller, Object[] parameters) +17
       System.Web.Mvc.ReflectedActionDescriptor.Execute(ControllerContext controllerContext, IDictionary`2 parameters) +178
       System.Web.Mvc.ControllerActionInvoker.InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary`2 parameters) +24
       System.Web.Mvc.<>c__DisplayClassa.<InvokeActionMethodWithFilters>b__7()
+53
       System.Web.Mvc.ControllerActionInvoker.InvokeActionMethodFilter(IActionFilter filter, ActionExecutingContext preContext, Func`1 continuation) +258
       System.Web.Mvc.<>c__DisplayClassc.<InvokeActionMethodWithFilters>b__9()
+20
       System.Web.Mvc.ControllerActionInvoker.InvokeActionMethodWithFilters(ControllerContext controllerContext, IList`1 filters, ActionDescriptor actionDescriptor, IDictionary`2 parameters) +193
       System.Web.Mvc.ControllerActionInvoker.InvokeAction(ControllerContext controllerContext, String actionName)
+382
       System.Web.Mvc.Controller.ExecuteCore()
+123
       System.Web.Mvc.ControllerBase.Execute(RequestContext requestContext) +23
       System.Web.Mvc.ControllerBase.System.Web.Mvc.IController.Execute(RequestContext requestContext) +7
       System.Web.Mvc.MvcHandler.ProcessRequest(HttpContextBase httpContext) +144
       System.Web.Mvc.MvcHandler.ProcessRequest(HttpContext httpContext) +54
       System.Web.Mvc.MvcHandler.System.Web.IHttpHandler.ProcessRequest(HttpContext httpContext) +7
       System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
+181
       System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
+75


    Version Information: Microsoft .NET Framework Version:2.0.50727.3074; ASP.NET Version:2.0.50727.4049
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    One other thing you may want to check is that, according to this article, there are some .NET Types that can not be used within a partially trusted assembly, even if it has been decorated with AllowPartiallyTrustedCallersAttribute.

    See .NET Framework Assemblies and the AllowPartiallyTrustedCallers Attribute for a full list.

    Update 2
    Are you sure all the third-party assemblies you are calling are also decorated with the AllowPartiallyTrustedCallers attribute?

    eg looking at the AssemblyInfo.cs for PagedList 1.1 it does not seem to contain this attribute.

    Update 1: You are right, that list of unusable types does look very dated.

    This LINQ to SQL FAQ has some interesting information regarding its usage in a partial trust environment:

    APTCA

    Q. Is System.Data.Linq marked for use
    by partially trusted code?

    A. Yes, the System.Data.Linq.dll
    assembly is among those .NET Framework
    assemblies marked with the
    AllowPartiallyTrustedCallersAttribute
    attribute. Without this marking,
    assemblies in the .NET Framework are
    intended for use only by fully trusted
    code.

    The principal scenario in LINQ to SQL
    for allowing partially trusted callers
    is to enable the LINQ to SQL assembly
    to be accessed from Web applications,
    where the trust configuration is
    Medium.

    • 0