ASP.NET Trust Level

2

Personal Locaweb did an update on her servers and a site of a client of mine started to display the following error:

  

System.Security.SecurityException: Request for the permission of type 'System.Security.Permission ...

They suggested that I change the Trust Level to FULL. I was doing this in web.config like this:

<configuration>
 <system.web> 
      <trust level="Full" /> 

Then the site started to display the following error: This configuration section cannot be used at this path. This happens when the site administrator has locked access to this section using <location allowOverride="false"> from an inherited configuration file.

As I solve this I do not understand much about ASP.NET.

This is the site's web.config code.

<configuration>  <system.web>
<trust level="Full" />
<httpRuntime executionTimeout="240" maxRequestLength="100000" requestValidationMode="2.0" />
<!--<httpHandlers>
  <add verb="GET" path="CaptchaImage.axd" type="MSCaptcha.captchaImageHandler, MSCaptcha" />
</httpHandlers>-->
<compilation debug="true" strict="false" explicit="true" targetFramework="4.0">
  <assemblies>
    <add assembly="System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
    <add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
    <add assembly="System.Data.Entity.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
    <add assembly="System.Web.Extensions.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
    <add assembly="System.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
    <add assembly="System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
  </assemblies>
  <buildProviders>
    <add extension=".edmx" type="System.Data.Entity.Design.AspNet.EntityDesignerBuildProvider" />
  </buildProviders>
</compilation>
<authorization>
  <allow users="?" />
</authorization>
<roleManager enabled="true" />
<authentication mode="Forms">
  <forms loginUrl="~/administracao/login.aspx" name="frm_login" protection="All" timeout="2880" path="~/administracao" defaultUrl="~/administracao/default.aspx" />
</authentication>
<customErrors mode="Off" />
</system.web>  
<location path="administracao">
<system.web>
  <authorization>
    <allow roles="administradores" />
    <!--<deny users="*"/>-->
    <allow users="?" />
  </authorization>
</system.web>

    
asked by anonymous 18.05.2015 / 17:13

3 answers

2

As you can see, it is not possible to change web.config because locaweb does not allow, so this simple solution does not work.

Check out the version of the DLL of MySql that you are using, since the problem is that the new versions do not work with trust level medium , so I put an older version and it worked. >

I was using the 6.7.4 version and put 6.1.2 and stopped giving problem.

    
31.05.2015 / 22:37
1

According to the Locaweb Wiki , the setting may be up to Medium Trust :

<configuration>
   <system.web> 
      <trust level="Medium" /> 
      ...
   </system.web>
   ...
</configuration>
    
18.05.2015 / 17:36
-2

Recently I discovered that to use the .mdf file made available by microsoft has to be trust level full, which locaweb ends up preventing the use of it.

And the way is to change hosting. I'm having a headache because of it.

Here's a comment below:

To use an .mdf file you need to have the full trust level (See here for details, in the Entity Framework and Universal Providers section).

Your hosting provider does not allow you to change the trust level, so having the directive causes the original error.

Removing the directive the original error is resolved but then you get a security exception since your web application still needs the full trust level to run, which your hosting provider does not provide.

    
16.02.2016 / 12:14