question

wrappingduke-9129 avatar image
0 Votes"
wrappingduke-9129 asked Bruce-SqlWork edited

That assembly does not allow partially trusted callers

We have an ASP.NET Core 3.1 Web API controller that is called from an ASP.NET web app using .NET 3.5 framework. The API controller is called via a HttpWebRequest and results in an error

That assembly does not allow partially trusted callers

Both apps reside on the same shared hosting environment and domain. That is, both app's have the same domain but are in different folders (i.e. applications) in IIS. For instance, mywebsite.com/folder1 and mywebsite.com/folder2.

Here's a sample how asp.net web app calls the .net core web api:

  oRequest = HttpWebRequest.Create("https://www.mywebsite.com/folder2/path/to/api")
 With oRequest
 .Method = "GET"
 .ContentType = "application/x-www-form-urlencoded"
 .Accept = "application/json"
 .ContentLength = 0    
 oResponse = oRequest.GetResponse()
 oReader = New StreamReader(oResponse.GetResponseStream)
 'store results in string
 sResult = oReader.ReadToEnd
 End With

We checked the .NET trust level and both app's are set to "Full (Internal)". Also, we tried adding the AllowPartiallyTrustedCallers attribute to the controller but per MS, "Partially trusted code is no longer supported. This attribute has no effect in .NET Core."

Is there another way to call the api?

Help is appreciated.






windows-server-iisdotnet-runtimedotnet-aspnet-generaldotnet-aspnet-core-webapi
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @wrappingduke-9129 ,
ASP.NET Core and ASP.NET 4.x are in general incompatible so they cannot be hosted in certain ways. "called via HttpWebRequest" is also ambiguous so you'd better edit the question to show some code.
Best regards,
Yijing Sun

0 Votes 0 ·

Please re-read. Sample code has already been provided.

0 Votes 0 ·
Bruce-SqlWork avatar image
0 Votes"
Bruce-SqlWork answered wrappingduke-9129 edited

you don't specify which application gets the error.

your sample code just does a GET, though there is no reason to set the content-type for a GET. what happens if you just type the GET url into the browser?

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

The expected results are returned when the url is type into a browser. Here's a screenshot of the results:

204813-screenshot-of-web-api-call.gif

The Asp.Net web app gets the error and with a little more digging, the following error is returned from the web app:

The action that failed was:
LinkDemand
The Zone of the assembly that failed was:
That assembly does not allow partially trusted callers.


0 Votes 0 ·
Bruce-SqlWork avatar image
0 Votes"
Bruce-SqlWork answered wrappingduke-9129 commented

then the error is unrelated to the code you have shown us. in some other code you are calling an untrusted assembly.

note: while you may have configured trust in the application, the IIS machine config has to be configured to allow it.




· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Yes, I know it's unrelated that's why it wasn't included in the original post but it was requested. I thought the error message would indicate so. Nevertheless, you also felt it was also relevant that you mentioned "content-type" in the web request.

0 Votes 0 ·
Bruce-SqlWork avatar image
0 Votes"
Bruce-SqlWork answered Bruce-SqlWork edited

methods can not be marked AllowPartiallyTrustedCallers, only assemblies. you update the assembly.cs file with the attribute and strongly name the assembly.

typically you would do this to the library causing the trust error or wrap the library with a trusted wrapper.

· 6
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Please re-read the original post where the following is stated:

"Also, we tried adding the AllowPartiallyTrustedCallers attribute to the controller but per MS, "Partially trusted code is no longer supported. This attribute has no effect in .NET Core."

0 Votes 0 ·

Hi @wrappingduke-9129 ,
It has said, this attribute has no effect in .NET Core. You could check this article.
I think you could try to set the config.

 <system.web>
 <trust level="Full" />
0 Votes 0 ·

Yep, we did and that article states:

Partially trusted code is no longer supported. This attribute has no effect in .NET Core.

You have to go down a little further in the article or click here



Moreover, it was mentioned in the original post, the following:

"We checked the .NET trust level and both app's are set to "Full (Internal)"

Please read items in its entirety before answering as it mitigates monotony and delay of possible resolution.




0 Votes 0 ·
Show more comments
SamWu-MSFT avatar image
0 Votes"
SamWu-MSFT answered

@wrappingduke-9129 It is difficult to reproduce your problem, I suggest you open a case via: https://support.microsoft.com.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.