"System.Security.SecurityException: Security error" error message when the virtual directory points to a remote share in ASP.NET (320268)
The information in this article applies to:
- Microsoft ASP.NET (included with the .NET Framework 1.1)
- Microsoft ASP.NET (included with the .NET Framework) 1.0
This article was previously published under Q320268 SYMPTOMS When you use a virtual directory that points to a remote
share to host a Microsoft ASP.NET-based application, you may receive an error
message that is similar to one of the following: Message 1Security Exception Description: The application
attempted to perform an operation not allowed by the security policy. To grant
this application the required permission please contact your system
administrator or change the application's trust level in the configuration
file.
Exception Details: System.Security.SecurityException: Security
error.
Source Error:
Line 30: private static bool
__intialized = false; Line 31: Line 32: public Global_asax() { Line 33: if
((ASP.Global_asax.__intialized == false)) { Line 34:
ASP.Global_asax.__intialized = true; Message 2Server Error in '/ApplicationName' Application.
Parser Error Description: An error occurred during the parsing of a resource required to service this request. Please review the following specific parse error details and modify your source file appropriately.
Parser Error Message:
Could not load type 'ApplicationName.Global'.
Source Error: Line 1: <%@ Application Codebehind="Global.asax.cs" Inherits="ApplicationName.Global" %> Source File: Path of Application \global.asax Line: 1
CAUSE The System.Web namespace does not have the AllowPartiallyTrustedCallersAttribute
applied to it. For more information, visit the following Microsoft Developer
Network (MSDN) Web site: Any code that is not in the My_Computer_Zone code group that does
not have this attribute requires the FullTrust user right. Therefore, the
remote share that holds the Web applications content requires FullTrust.
RESOLUTION To resolve this behavior, grant the FullTrust right to the
remote share:
- On the Web server, open Administrative Tools, and then
double-click Microsoft .NET Framework
Configuration.
- Expand Runtime Security Policy, expand
Machine, and then expand Code
Groups.
- Right-click All_Code, and then click
New.
- Select Create a new code group. Give your
code group a relevant name, such as the name of the applications share. Click
Next.
- In the Choose the condition type for this code
group list, select URL.
- In the URL box, type the path of the
share in the following format:
file:////\\computername\sharename\* Note Replace computername with
the name of the computer that is hosting the remote share.
Replace sharename with the name of the share. - Click Next. On the next page, select
Use an existing permission set, and then select
FullTrust.
- Click Next, and then click
Finish.
- Restart Microsoft Internet Information Services (IIS) to restart the ASP.NET worker process.
STATUS This
behavior is by design.REFERENCES
For more information about the permissions that the ASPNET account
requires to run ASP.NET applications, click the following article number to view the article in the Microsoft Knowledge Base:
317012
Process and request identity in ASP.NET
For more information about ASP.NET security, click the following article number to view the article in the Microsoft Knowledge Base:
306590
ASP.NET security overview
Modification Type: | Major | Last Reviewed: | 3/16/2006 |
---|
Keywords: | kbSecurity kbWebServer kbprb KB320268 kbAudITPRO kbAudDeveloper |
---|
|