Single Sign On claims based authentication.

Jun 29, 2010 at 4:11 PM
Edited Jun 30, 2010 at 5:39 AM

I was referring to "A guide to claims-based Identity" and i was also referring the sample code provided.

While trying with the Single sign on example samples with no Claims are working fine but sample with claims are not working for both expense and order sites.

samples with claims throws security exception saying that assembly does not allow partial trusted callers.

I tried doing all the possible solutions but not able to get out of it.

Any help will truly be appreciated. Its urgent.

Following is the exception

Security Exception Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: That assembly does not allow partially trusted callers.

Source Error: An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace: [SecurityException: That assembly does not allow partially trusted callers.] System.Security.CodeAccessSecurityEngine.ThrowSecurityException(Assembly asm, PermissionSet granted, PermissionSet refused, RuntimeMethodHandle rmh, SecurityAction action, Object demand, IPermission permThatFailed) +212 System.Reflection.MethodBase.PerformSecurityCheck(Object obj, RuntimeMethodHandle method, IntPtr parent, UInt32 invocationFlags) +0 System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) +396 System.Configuration.TypeUtil.InvokeCtorWithReflectionPermission(ConstructorInfo ctor) +66 System.Configuration.RuntimeConfigurationFactory.CreateSectionImpl(RuntimeConfigurationRecord configRecord, FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentConfig, ConfigXmlReader reader) +40 System.Configuration.RuntimeConfigurationFactory.CreateSectionWithRestrictedPermissions(RuntimeConfigurationRecord configRecord, FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentConfig, ConfigXmlReader reader) +133 System.Configuration.RuntimeConfigurationRecord.CreateSection(Boolean inputIsTrusted, FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentConfig, ConfigXmlReader reader) +93 System.Configuration.BaseConfigurationRecord.CallCreateSection(Boolean inputIsTrusted, FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentConfig, ConfigXmlReader reader, String filename, Int32 line) +145

Coordinator
Jun 29, 2010 at 7:32 PM

It seems you are not running in full trust (have a look for a <trust level="xx" /> element in your web configuration. WIF only allows fully trusted callers.

Jun 30, 2010 at 5:40 AM

Thanks Dominick for u r quick turn back.

I have already set trust level = full. but still its not working.

Jun 30, 2010 at 6:02 AM

One more thing i forgot to tell u that, i have tried using  [assembly:AllowPartiallyTrustedCallers] 

But m not able to find out which assembly is throwing this security exception.