Server Error in '/' Application.

Mar 22, 2011 at 4:25 PM

I am getting error below with my CRM 4 running on X64 bit server.

I am stuck on this one. Anyone seen similar error?


Could not load file or assembly 'AntiXssLibrary' or one of its dependencies. Access is denied.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.IO.FileLoadException: Could not load file or assembly 'AntiXssLibrary' or one of its dependencies. Access is denied.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Assembly Load Trace: The following information can be helpful to determine why the assembly 'AntiXssLibrary' could not be loaded.

WRN: Assembly binding logging is turned OFF.
To enable assembly bind failure logging, set the registry value [HKLM\Software\Microsoft\Fusion!EnableLog] (DWORD) to 1.
Note: There is some performance penalty associated with assembly bind failure logging.
To turn this feature off, remove the registry value [HKLM\Software\Microsoft\Fusion!EnableLog].

Stack Trace:

[FileLoadException: Could not load file or assembly 'AntiXssLibrary' or one of its dependencies. Access is denied.]
   System.Reflection.RuntimeAssembly._nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, RuntimeAssembly locationHint, StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecurityChecks) +0
   System.Reflection.RuntimeAssembly.InternalLoadAssemblyName(AssemblyName assemblyRef, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection, Boolean suppressSecurityChecks) +569
   System.Reflection.RuntimeAssembly.InternalLoad(String assemblyString, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection) +203
   System.Reflection.Assembly.Load(String assemblyString) +35
   System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective) +147

[ConfigurationErrorsException: Could not load file or assembly 'AntiXssLibrary' or one of its dependencies. Access is denied.]
   System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective) +1298
   System.Web.Configuration.CompilationSection.LoadAllAssembliesFromAppDomainBinDirectory() +430
   System.Web.Configuration.AssemblyInfo.get_AssemblyInternal() +104
   System.Web.Compilation.BuildManager.GetReferencedAssemblies(CompilationSection compConfig) +334
   System.Web.Compilation.BuildManager.CallPreStartInitMethods() +264
   System.Web.Hosting.HostingEnvironment.Initialize(ApplicationManager appManager, IApplicationHost appHost, IConfigMapPathFactory configMapPathFactory, HostingEnvironmentParameters hostingParameters, PolicyLevel policyLevel, Exception appDomainCreationException) +1021

[HttpException (0x80004005): Could not load file or assembly 'AntiXssLibrary' or one of its dependencies. Access is denied.]
   System.Web.HttpRuntime.FirstRequestInit(HttpContext context) +646
   System.Web.HttpRuntime.EnsureFirstRequestInit(HttpContext context) +141
   System.Web.HttpRuntime.ProcessRequestInternal(HttpWorkerRequest wr) +928

Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

Mar 26, 2011 at 6:43 PM

This has been seen before on other servers.  Your server likely has a security setting that is locked down so tight that the Microsoft AntiXss library cannot be loaded. 

Open your %windir%/Microsoft.Net/Framework64/v2.0.50727/config/web.config file.  Look for the security settings:

   <location allowOverride="true">
                <trustLevel name="Full" policyFile="internal" />
                <trustLevel name="High" policyFile="web_hightrust.config" />
                <trustLevel name="Medium" policyFile="web_mediumtrust.config" />
                <trustLevel name="Low"  policyFile="web_lowtrust.config" />
                <trustLevel name="Minimal" policyFile="web_minimaltrust.config" />
            <trust level="Full" originUrl="" />

The full trust model will allow all assemblies to be used (unless that is modified).  If you are using another trust level (ie: High), you will have to adjust the settings to allow the AntiXss setting to be loaded.

This has been fixed by Microsoft in subsequent versions of AntiXss, and the fixed version is used in the CRM 2011 versions of the portals.  Unfortunately, there is no active plan to re-release the current portals with newer bits.

You should not have a problem hosting on x64 - I use this exact configuration for ALL of my servers.  It will boil down to specific settings in your server.  The default server settings for Windows Server 2008 and 2008 R2 standard edition will work without modification.

Shan McArthur