Does Facebook.NET support partial trust?

Dec 17, 2007 at 12:30 PM
I'm currently deploying my application in my hoster, and I get a Security Exception straightaway. My hoster is running in medium trust, which is the standart trust level for shared hosting. I am not granted the ConfigurationPermission, that's why I get this SecurityException. I can't immagine that noboby tried this before, so is it possible to run Facebook.NET in partial trust?
My error is:


Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Configuration.ConfigurationPermission, System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' failed.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

SecurityException: Request for the permission of type 'System.Configuration.ConfigurationPermission, System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' failed.
System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) +0
System.Security.CodeAccessPermission.Demand() +59
System.Configuration.BaseConfigurationRecord.CheckPermissionAllowed(String configKey, Boolean requirePermission, Boolean isTrustedWithoutAptca) +65
Coordinator
Dec 21, 2007 at 7:49 AM
Could you please log a bug - I've tried it in medium trust on a hoster as well, but haven't for the last few changes and its possible something crept in.

I certainly think its important to make sure it continues to run in medium trust.
Coordinator
Dec 21, 2007 at 5:59 PM
OK, I tried it - Facebook.NET does not require full trust. It requires the "High" trust level setting. This is because HttpWebRequest needs the WebPermission granting it to make requests outside the site of origin, i.e. here we need to issue requests out to facebook.com.

However, note that even in medium trust, my config access worked fine... maybe you were running in something like low trust?
Dec 22, 2007 at 1:31 PM


NikhilK wrote:
OK, I tried it - Facebook.NET does not require full trust. It requires the "High" trust level setting. This is because HttpWebRequest needs the WebPermission granting it to make requests outside the site of origin, i.e. here we need to issue requests out to facebook.com.

However, note that even in medium trust, my config access worked fine... maybe you were running in something like low trust?


Alright, I fixed this issue. I was running in medium trust. In order to work in medium trust, you have to make sure that the section element in the web.config has the requirePermission attribute set to false:

<configSections>
<section name="facebook" type="Facebook.Web.Configuration.FacebookSection, FacebookNET.Web" allowDefinition="MachineToApplication" requirePermission="false"/>
</configSections>