Deploying ASP.NET Applications to Medium Trust Servers

99% of the projects my company works on for clients are deployed internally to an enterprise environment managed by a company.  We rarely have to worry about deploying to a shared hosting environment which is nice.  One of the client projects we finished up recently based on ASP.NET MVC, PLINQO and jQuery was deployed to a shared hosting provider for the client and nothing worked initially.  Everything worked locally of course even if we hit the hosting provider’s database from the staging server code base.  It’s never fun to have development or staging working with the same code failing in production.

After researching the error more we thought it related to data access permissions since we were getting null reference errors as collections were converted to lists (data wasn’t being returned from the database).  Finding the root cause of errors in this situation is like finding a needle in a haystack since you can’t attach a debugger, can’t run SQL Profiler or do anything aside from looking at log files, make code changes, FTP the files to the server and see what happens. 

After thinking through it more and running several isolated tests we realized it wasn’t a data access error that we were getting (even though that’s what logs led us to believe).  With a little research I came across the good old <trust> element that can be used in web.config.  It’s not something that I personally have had to use for over 5 years so I completely forgot about it.  By placing the following in web.config you can simulate a medium trust environment:

  <trust level="Medium"/>

Changing the trust level made the staging environment fail with the same error shown on the shared host (which was awesome….rarely am I excited to get an error).  We found out that a PLINQO assembly we were using didn’t allow partially trusted calls so we located the source for that assembly, recompiled it to allow partially trusted callers and everything was fine. 

Bottom Line/Lesson Learned: If you’re deploying to a medium trust hosting environment you’d be wise to set the trust level to Medium up front to save time and energy down the road.

comments powered by Disqus


  • Oh yeah... This was a painful experience for me back when we started moving to 2.0 from 1.1, because we were spoiled with full trust. Most of my issues had something to do with reflection, consuming web services server-side, and using smtp client on a port other than 25. &nbsp;Some data providers would cause issues too; but luckily the host we were using made exceptions and added them to their trust list.
    Good post!

  • Dan, I'm going to have the exact same issue soon. Can you tell me which PLINQO assembly it was in and how you modified it?

  • Tyler,

    It was the CodeSmith.Data.dll assembly. I ended up downloading the latest source code from and added the [assembly: AllowPartiallyTrustedCallers] attribute into AssemblyInfo.cs. Once I did that things were fine. Definitely put the medium trust into your web.config though to see how things'll save you a lot of time when you go to deploy your app if it's going to a medium trust environment. :-)

  • Nathan,

    Definitely painful...especially when the root cause isn't easy to find sometimes. Full trust definitely spoils you. :-)

Comments have been disabled for this content.