if deployed in medium trust web hosting (which is most shared web hosting) I get this error:
[SecurityException: Request for the permission of type 'System.Configuration.ConfigurationPermission, System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' failed.]
System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) +0
System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission cap, StackCrawlMark& stackMark) +31
System.Security.CodeAccessPermission.Demand() +46
System.Configuration.BaseConfigurationRecord.CheckPermissionAllowed(String configKey, Boolean requirePermission, Boolean isTrustedWithoutAptca) +84
I tried to resolve by setting requirePermission="false" in the section declaration in Web.config, and that does seem to get past the security error, but then I get a series of other errors beginning with this one:
[ReflectionTypeLoadException: Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information.]
System.Reflection.RuntimeModule.GetTypes(RuntimeModule module) +0
System.Reflection.RuntimeModule.GetTypes() +4
System.Reflection.Assembly.GetTypes() +61
AjaxControlToolkit.Bundling.BundleResolver.PopulateControlDependencyTypeMaps() +133
AjaxControlToolkit.Bundling.BundleResolver..cctor()
So the site is completely failing to load at all.
Please advise if there is any workaround, otherwise this seems like a very bad bug with major impact.
Comments: further testing found the problem is really in AjaxControlToolkit.StaticResources.dll If I comment out the config section and declaration for ajaxcontrolToolkit and delete this dll from the bin folder the medium trust security error goes away, but then I am unable to use bundling and I am forced to have an unwanted WebResource.axd style link in the head Since this dll comes from NuGet it seems this could possibly be fixed independently of the Toolkit
[SecurityException: Request for the permission of type 'System.Configuration.ConfigurationPermission, System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' failed.]
System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) +0
System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission cap, StackCrawlMark& stackMark) +31
System.Security.CodeAccessPermission.Demand() +46
System.Configuration.BaseConfigurationRecord.CheckPermissionAllowed(String configKey, Boolean requirePermission, Boolean isTrustedWithoutAptca) +84
I tried to resolve by setting requirePermission="false" in the section declaration in Web.config, and that does seem to get past the security error, but then I get a series of other errors beginning with this one:
[ReflectionTypeLoadException: Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information.]
System.Reflection.RuntimeModule.GetTypes(RuntimeModule module) +0
System.Reflection.RuntimeModule.GetTypes() +4
System.Reflection.Assembly.GetTypes() +61
AjaxControlToolkit.Bundling.BundleResolver.PopulateControlDependencyTypeMaps() +133
AjaxControlToolkit.Bundling.BundleResolver..cctor()
So the site is completely failing to load at all.
Please advise if there is any workaround, otherwise this seems like a very bad bug with major impact.
Comments: further testing found the problem is really in AjaxControlToolkit.StaticResources.dll If I comment out the config section and declaration for ajaxcontrolToolkit and delete this dll from the bin folder the medium trust security error goes away, but then I am unable to use bundling and I am forced to have an unwanted WebResource.axd style link in the head Since this dll comes from NuGet it seems this could possibly be fixed independently of the Toolkit