Required permissions cannot be acquired.

May 14, 2010 at 10:08 PM
Edited May 14, 2010 at 10:10 PM

I'm running into a strange error. I'm able to compile and debug the customer portal using Visual Studio 2008 and having ther customer portal run under casisni.

However when I setup a custom web site in IIS and publish from VS into the web application I'm getting the following error:

Server Error in '/' Application.
--------------------------------------------------------------------------------

Required permissions cannot be acquired. 
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. 

Exception Details: System.Security.Policy.PolicyException: Required permissions cannot be acquired.

Source Error: 

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.  

Stack Trace: 


[PolicyException: Required permissions cannot be acquired.]
   System.Security.SecurityManager.ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, PermissionSet& denied, Boolean checkExecutionPermission) +10238142
   System.Security.SecurityManager.ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, PermissionSet& denied, Int32& securitySpecialFlags, Boolean checkExecutionPermission) +97

[FileLoadException: Could not load file or assembly 'AntiXssLibrary, Version=1.5.0.0, Culture=neutral, PublicKeyToken=5906d2bb3d8a12c4' or one of its dependencies. Failed to grant minimum permission requests. (Exception from HRESULT: 0x80131417)]
   System.Reflection.Assembly._nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, Assembly locationHint, StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean forIntrospection) +0
   System.Reflection.Assembly.InternalLoad(AssemblyName assemblyRef, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection) +416
   System.Reflection.Assembly.InternalLoad(String assemblyString, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection) +166
   System.Reflection.Assembly.Load(String assemblyString) +35
   System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective) +190

[ConfigurationErrorsException: Could not load file or assembly 'AntiXssLibrary, Version=1.5.0.0, Culture=neutral, PublicKeyToken=5906d2bb3d8a12c4' or one of its dependencies. Failed to grant minimum permission requests. (Exception from HRESULT: 0x80131417)]
   System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective) +11207304
   System.Web.Configuration.CompilationSection.LoadAllAssembliesFromAppDomainBinDirectory() +388
   System.Web.Configuration.CompilationSection.LoadAssembly(AssemblyInfo ai) +232
   System.Web.Configuration.AssemblyInfo.get_AssemblyInternal() +48
   System.Web.Compilation.BuildManager.GetReferencedAssemblies(CompilationSection compConfig) +210
   System.Web.Compilation.BuildProvidersCompiler..ctor(VirtualPath configPath, Boolean supportLocalization, String outputAssemblyName) +76
   System.Web.Compilation.BrowserCapabilitiesCompiler.GetBrowserCapabilitiesType() +661
   System.Web.Compilation.BuildManager.EnsureTopLevelFilesCompiled() +691

[HttpException (0x80004005): Could not load file or assembly 'AntiXssLibrary, Version=1.5.0.0, Culture=neutral, PublicKeyToken=5906d2bb3d8a12c4' or one of its dependencies. Failed to grant minimum permission requests. (Exception from HRESULT: 0x80131417)]
   System.Web.Compilation.BuildManager.ReportTopLevelCompilationException() +76
   System.Web.Compilation.BuildManager.EnsureTopLevelFilesCompiled() +1012
   System.Web.Hosting.HostingEnvironment.Initialize(ApplicationManager appManager, IApplicationHost appHost, IConfigMapPathFactory configMapPathFactory, HostingEnvironmentParameters hostingParameters) +1025

[HttpException (0x80004005): Could not load file or assembly 'AntiXssLibrary, Version=1.5.0.0, Culture=neutral, PublicKeyToken=5906d2bb3d8a12c4' or one of its dependencies. Failed to grant minimum permission requests. (Exception from HRESULT: 0x80131417)]
   System.Web.HttpRuntime.FirstRequestInit(HttpContext context) +11301302
   System.Web.HttpRuntime.EnsureFirstRequestInit(HttpContext context) +88
   System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) +4338644

 


--------------------------------------------------------------------------------
Version Information: Microsoft .NET Framework Version:2.0.50727.4927; ASP.NET Version:2.0.50727.4927 
How should I be deploying the website into IIS?
May 15, 2010 at 12:01 AM

I fixed this error by changing the app pool setting for .NET.

I was attempting to deploy on Windows Server 2008 R2 with IIS 7.0

I was able to fix the deployment by changing the IIS application pool for the website from being a Managed pipeline mode: integrated to Managed pipeline mode: classic.

 

May 15, 2010 at 12:09 AM

I have never seen this error, but the AntiXssLibrary assembly is fairly new to this project and there may be some underlying security demands that I am not aware of. 
Is there a chance that the machine config for your IIS server has been modified or locked down?

The portals should work fine in Windows 2008 R2 using IIS 7.5 in integrated pipeline mode.  In fact, that is my primary demo environment, and is also the preferred hosting model for the portals.

For deploy, I simpy used an xcopy deploy to a folder that is on the server, then set up the website and application pool accordingly on the server.

Shan McArthur
www.shanmcarthur.net

May 18, 2010 at 4:48 PM

I've deployed this solution on 2 other servers and I've figured out a repeatable process:

1) In the web.config of the solution add the following

       <securityPolicy>
        <trustLevel name="Full" policyFile="internal" />
      </securityPolicy>
		</system.web>
	</location>
</configuration>

 

2) In the assemblyinfo.cs file add the following:

// You can specify all the values or you can default the Revision and Build Numbers 
// by using the '*' as shown below:
[assembly: System.Security.AllowPartiallyTrustedCallers()]
May 19, 2010 at 12:15 AM

Sounds like you have customized your server to run in a partial trust environment, which is more secure than out-of-box.  The documentation only outlines how to install on a default implementation of IIS.  In that case, your documented changes would be appropriate for your environment.  Thanks for sharing the solution!

Shan McArthur
www.shanmcarthur.net

Jun 17, 2010 at 5:06 PM

I'm having the exact same issue.

This morning, I installed a new web server (2008 R2).  Everything is default.  I deploy the site to the wwwroot and I get this error.  The site is a full trust env (default).

Jun 17, 2010 at 5:24 PM

Craig, you will not get this error on a default install.  Please send me an email through codeplex, or directly to shan underscore mcarthur at spamcop.net and I will set up a live meeting to help diagnose the issue.

Thanks,

Shan McArthur
www.shanmcarthur.net

Jun 17, 2010 at 5:53 PM

I changed the user for anonymous access in IIS to administrator and it now works.  Of course I don't want to leave it this way.  I'll email you :)

Jul 29, 2010 at 8:17 PM

I'm having this issue as well... trying to host my portal on a GoDaddy site, which from what I have read runs under a medium trust setting.  I tried to increase the security trust with what was posted above, but am not having luck yet.  Has anyone accomplished installing the portal into a similar enviroment?

Aug 3, 2010 at 10:42 PM

Hi There

I have just setup the customer portal as per the deployment guide. On-Premise CRM server, this is a reasonably new CRM installation with no customizations besides this portal. After copying the website files to a fresh IIS website I also receive the error explained in this thread.

Is anyone able to help me troubleshoot this problem? I'm near the end with my troubleshooting skills with IIS and CRM. Any help is much appreciated.

Below is a copy of the exact error i receive when trying to access the website:

Server Error in '/' Application.


 

Required permissions cannot be acquired.

[PolicyException: Required permissions cannot be acquired.]
   System.Security.SecurityManager.ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, PermissionSet& denied, Boolean checkExecutionPermission) +10238142
   System.Security.SecurityManager.ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, PermissionSet& denied, Int32& securitySpecialFlags, Boolean checkExecutionPermission) +97

[FileLoadException: Could not load file or assembly 'AntiXssLibrary, Version=1.5.0.0, Culture=neutral, PublicKeyToken=5906d2bb3d8a12c4' or one of its dependencies. Failed to grant minimum permission requests. (Exception from HRESULT: 0x80131417)]
   System.Reflection.Assembly._nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, Assembly locationHint, StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean forIntrospection) +0
   System.Reflection.Assembly.InternalLoad(AssemblyName assemblyRef, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection) +416
   System.Reflection.Assembly.InternalLoad(String assemblyString, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection) +166
   System.Reflection.Assembly.Load(String assemblyString) +35
   System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective) +190

[ConfigurationErrorsException: Could not load file or assembly 'AntiXssLibrary, Version=1.5.0.0, Culture=neutral, PublicKeyToken=5906d2bb3d8a12c4' or one of its dependencies. Failed to grant minimum permission requests. (Exception from HRESULT: 0x80131417)]
   System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective) +11207304
   System.Web.Configuration.CompilationSection.LoadAllAssembliesFromAppDomainBinDirectory() +388
   System.Web.Configuration.CompilationSection.LoadAssembly(AssemblyInfo ai) +232
   System.Web.Configuration.AssemblyInfo.get_AssemblyInternal() +48
   System.Web.Compilation.BuildManager.GetReferencedAssemblies(CompilationSection compConfig) +210
   System.Web.Compilation.BuildProvidersCompiler..ctor(VirtualPath configPath, Boolean supportLocalization, String outputAssemblyName) +76
   System.Web.Compilation.BrowserCapabilitiesCompiler.GetBrowserCapabilitiesType() +661
   System.Web.Compilation.BuildManager.EnsureTopLevelFilesCompiled() +691

[HttpException (0x80004005): Could not load file or assembly 'AntiXssLibrary, Version=1.5.0.0, Culture=neutral, PublicKeyToken=5906d2bb3d8a12c4' or one of its dependencies. Failed to grant minimum permission requests. (Exception from HRESULT: 0x80131417)]
   System.Web.Compilation.BuildManager.ReportTopLevelCompilationException() +76
   System.Web.Compilation.BuildManager.EnsureTopLevelFilesCompiled() +1012
   System.Web.Hosting.HostingEnvironment.Initialize(ApplicationManager appManager, IApplicationHost appHost, IConfigMapPathFactory configMapPathFactory, HostingEnvironmentParameters hostingParameters) +1025

[HttpException (0x80004005): Could not load file or assembly 'AntiXssLibrary, Version=1.5.0.0, Culture=neutral, PublicKeyToken=5906d2bb3d8a12c4' or one of its dependencies. Failed to grant minimum permission requests. (Exception from HRESULT: 0x80131417)]
   System.Web.HttpRuntime.FirstRequestInit(HttpContext context) +11301302
   System.Web.HttpRuntime.EnsureFirstRequestInit(HttpContext context) +88
   System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) +4338644

Version Information:

Microsoft .NET Framework Version:2.0.50727.4927; ASP.NET Version:2.0.50727.4927

Aug 3, 2010 at 11:08 PM

This is an IIS security error.  I would like to know some more details about the history of your IIS machine.  Which version of the OS is it (standard edition, web edition)?  What steps have been taken to lock down IIS?  Any other things that could explain a security exception at IIS?

Thanks,
Shan

Aug 3, 2010 at 11:30 PM

Hi Shane

Thanks for your prompt reply. The IIS machine is also the CRM server. Running Windows Server 2008 R2 Enterprise.

All the server has on it is CRM and the Customer Portal. No security customizations have been made to IIS, other than what the CRM installer does.

Regards

Travis

Aug 5, 2010 at 9:27 PM

Can you send me your machine's web.config?  It should be located in the following folder: C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG (if you are hosting the app in a 32-bit process) or C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG for a 64-bit environment.

Send it to shan dot mcarthur at adxstudio dot com.

Thanks,
Shan

 

Aug 23, 2010 at 9:59 PM

We are seeing this in a new environment too.  Any new info on this?