JoeAudette.com

As I mentioned in my previous post, I was doing some testing today of mojoPortal under Medium Trust and was trying to resolve some issues. In most situations mojoPortal can be configured to run in Medium Trust, but occasionaly people have reported System.Configuration.ConfigurationPermission exceptions. I have not been able to reproduce that problem on my development machine. I add this to Web.config to configure medium trust for testing purposes:
<trust level="Medium" originUrl="" />

So today I encountered this exception on a new machine running in Medium Trust. Its not always easy to find out what is causing an exception like this because you don't get a lot of information in the stack trace, but I was able to pin it down to System.Web.Extensions.dll which is the MS AJAX library. We include this dll in the /bin folder with mojoPortal releases and in Full Trust this is ideal because we don't care if the dll is installed on the machine or not, but in Medium Trust, this dll can not run from the bin folder, it must be installed in the GAC (Global Assembly Cache) on the server. If it is installed in the GAC, the copy in the /bin folder will be ignored and the one in the GAC will be used. But if its not installed and the machine is configured for Medium Trust it will cause this mysterious SecurityException with System.Configuration.ConfigurationPermission.

So the reason I was never able to reproduce the problem on my development machine was because I already had this installed in the GAC. If you install the ASP.NET 2.0 AJAX 1.0 using  ASPAJAXExtSetup.msi, it installs it in the GAC on your machine. Your only solution to this at a web host is for the host to install it on the server.