6
I’m developing a website on Asp.Net MVC5. When posting the site on Locaweb and trying to log in with my user I received the message:
Attempt by security transparent method 'Microsoft.AspNet.Identity.ClaimsIdentityFactory`2+<CreateAsync>d__0<TUser,TKey>.MoveNext()' to access security critical method 'System.Security.Claims.ClaimsIdentity.AddClaim(System.Security.Claims.Claim)' failed.
Assembly 'Microsoft.AspNet.Identity.Core, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' is partially trusted, which causes the CLR to make it entirely security transparent regardless of any transparency annotations in the assembly itself. In order to access security critical code, this assembly must be fully trusted.
I use Identity and also some components of Devexpress.
It was only then that I contacted the support that told me that the problem occurs because their server only runs on medium trust: http://wiki.locaweb.com.br/pt-br/Security_Level_de_servidores_Windows_em_ambiente_compartilhado
On the microsoft website says that the solution is to put inside the tag <System.web> of my web.config the tag <trust level="medium" originUrl="" />.
While doing this I get the following error from the server: This configuration section cannot be used at this path. This happens when the site administrator has locked access to this section using <location allowOverride="false"> from an inherited configuration file.
That is, Ocaweb blocked this change through a global configuration file (at least that’s what I understood from the error).
I tried to tag <location allowOverride="false"> but it also didn’t solve.
The support of Ocaweb can only say that the error is programming, but I do not know how to solve. Somebody out there knows how to fix this?
Good advice! But I need to solve.
– Renatto Machado
Our dear, how can you? I saw that they have a server win server 2003 that accepts full trust, can I change the server? What do you think?
– Renatto Machado
Okay. I will analyze the possibility. Ai, already gives the tip to where was your lodging.
– Renatto Machado
Kinghost runs ASP.Net in full trust #ficaadica mode
– Marcelo Bezerra bovino
Kinghost runs Asp.Net in full trust, but only in . Net 4.0. Speaking with the support assured me that it would work, when I hired that I went to publish the error arises. I asked them to migrate to a server that supports . net 4.5 and full trust and they told me that they do not offer this.
– Renatto Machado
Too bad, the applications I ran there were Asp.net 4.0 even (instances of CMS Composite C1). Try commenting on the tags referring to impersonate settings and the full trust itself on your web.config, solve some errors there by doing this
– Marcelo Bezerra bovino
I have the same problem. I stayed at Kinghost and they said that the Full Trust environment runs on ASP.NET 4.0 and I need the environment to be 4.5 ?
– user11654
Try to change if
web.configfor<?xml version="1.0"?>
<configuration>
 <system.web>
 <customErrors mode="Off"/>
 </system.web>
 <system.web>
 <compilation debug="true"/>
</system.web>
</configuration>– ridermansb
Some solution?
– Danilo Oliveira
@Danilooliveira The solution was to go up to Azure. Providers like #Locaweb have implemented a medium-trust security level for Asp.net 4.0 and 4.5. And for nothing in the world are willing to change. The best solution is to go up to Azure. You can even host a basic website with a bank of up to 20Mb for free. If you use the same settings as a Locaweb of life the price is very close. So, it pays off.
– Renatto Machado