Front end error

Apr 25, 2010 at 5:50 PM

Hi Guys,

Sure im doing something wrong. not that up with iis. Basically i keep getting following error after adding the frontend into iis as an app:

Security Exception

Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[SecurityException: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.]
   System.Reflection.Assembly._GetType(String name, Boolean throwOnError, Boolean ignoreCase) +0
   System.Web.UI.Util.GetTypeFromAssemblies(ICollection assemblies, String typeName, Boolean ignoreCase) +201
   System.Web.UI.TemplateParser.GetType(String typeName, Boolean ignoreCase, Boolean throwOnError) +323
   System.Web.UI.TemplateParser.ProcessInheritsAttribute(String baseTypeName, String codeFileBaseTypeName, String src, Assembly assembly) +10854748
   System.Web.UI.TemplateParser.PostProcessMainDirectiveAttributes(IDictionary parseData) +365


I have the direcotry on the C: drive, so its not in a unc a share. I am also running 2008 x64 with .net 3.5 sp 1.



Apr 25, 2010 at 7:57 PM

Hi Guys,

Not sure if i missed an instruction or not?? turned oln impersonation and it sprung to life.

Cheers, no doubt ill be posting again soon tho.



May 22, 2010 at 6:12 PM

Hi Adam,

sry for the late response. It is actually a permission problem so you would have to check what account has been set up to run the application pool. Especially if it is not beneath the C:\Inetpub directory there might be other changes necessary as well.

If you turn on impersonation the web FrontEnd will use the account of the user opening the web page. So every user accessing the page needs to have appropriate permission on the database. That's why I generally prefer to configure an explicit account that the webpage is using to connect to the database. And then configure permissions on the web page to define who is allowed to access the web page. This way you can be sure that the web page itself is always working, no matter who is using it.