Security Exception, AspNetHostingPermission Error
Problem
You get this error when running your application:
Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission, please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Request failed.
When using Microsoft SharePoint
This error can occur when your server runs Microsoft SharePoint Services. Try disabling the SharePoint service and make sure your server is running .NET Framework 1.1 or 2.0.
Please also review:
http://blogs.msdn.com/pandrew/archive/2004/05/09/128569.aspx
If you are not running SharePoint, then this issue reflects the security policy of your computer.
Virtual Directory on Microsoft IIS is not set to allow anonymous access
See Virtual Directory on Microsoft IIS Does Not Allow Anonymous Access for instructions on allowing anonymous access.
The ASPNET user is not configured properly
Check to make sure the ASPNET account has permissions to the folder containing your application. Your ASPNET user needs full permissions in order for your application to run properly.
See ASP.NET User Does Not Have Permissions to Your Application Folder for instructions on granting access permissions.
Application properly deployed
Make sure that you have followed the instructions in Part VI: Deploying Applications Into Production.
Running under medium trust level in .NET
This condition frequently arises when ASP hosting providers run under .NET’s ‘medium trust’ level. Update your .NET Framework’s Web.config file to permit operation under the ‘medium trust’ level. This Web.config file is not the same as your application’s Web.config file. It is typically located in your .NET Framework’s installation folder, e.g.:
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\web.config
Here is an example of an updated Web.config file set to allow ‘medium trust’ operation:
<location allowOverride="true">
<system.web>
<securityPolicy>
<trustLevel name="Full" policyFile="internal" />
<trustLevel name="High" policyFile="web_hightrust.config" />
<trustLevel name="Medium" policyFile="web_mediumtrust.config" />
<trustLevel name="Low" policyFile="web_lowtrust.config" />
<trustLevel name="Minimal" policyFile="web_minimaltrust.config" />
</securityPolicy>
<trust level="Medium" originUrl="" />
</system.web>
</location>
Check event viewer
Look in the Event Viewer on the machine, specifically at the Application section. If you see multiple errors or warnings within a short period of time, look at the first one to see the root cause. Sometimes errors have a cascading impact, so always looking at the first one will give you information about the root cause.