The application attempted to perform an operation not allowed by the security policy

I have developed an website in Visual Studio 2008 and it worked fine while using Vista OS but my workstation got upgraded to Windows 7 and I now get following error:

Security Exception Description: The application attempted to perform
an operation not allowed by the security policy. To grant this
application the required permission please contact your system
administrator or change the application’s trust level in the
configuration file.

Exception Details: System.Security.SecurityException: Request for the
permission of type ‘System.Web.AspNetHostingPermission, System,
Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089’

I get this error while running on my local machine from within Visual studio… I have already googled the error but nothing i found helps so far. I don’t get the error when deployed on server, just on my local.

The website references .dll projects that I have created in the same solution. The error seems to occur when I try to instaniate an object contained within any one of these .dll projects.

This setting in Web.config did not help:

<trust level="Full" originUrl="" />

neither did this:
    <trustLevel  name="Full" policyFile="internal" />


Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

This worked for me. in web.config add

   <trust level="Full" />

Method 2

This is an old question, but I experienced this exact issue recently and as the problem existed on the local machine and not on a remote one like most of the rest of the information pulled up with this particular error, none of those solutions helped so I’m going to put my solution here.

My issue was that I was using a networked workstation and trying to run a solution that was stored on a network drive. For some reason, my local machine did not trust that particular drive and it would not accept any of the attempts to raise the trust level of the application.

Once I realized the issue was the drive itself, I simply moved the entire solution over to another one and it solved the problem for me. I imagine that a talk with the Network Admin about their permissions could likely helped to correct the error also, but just switching the solution to a local drive fixed the issue that I was having and might work for others.

Method 3


To resolve this behavior, grant the FullTrust right to the remote share:

  1. On the Web server, open Administrative Tools, and then double-click Microsoft .NET Framework Configuration.
  2. Expand Runtime Security Policy, expand Machine, and then expand Code Groups.
  3. Right-click All_Code, and then click New.
  4. Select Create a new code group. Give your code group a relevant name, such as the name of the applications share. Click Next.
  5. In the Choose the condition type for this code group list, select URL.
  6. In the URL box, type the path of the share in the following format:

Note Replace computername with the name of the computer that is hosting the remote share. Replace sharename with the name of the share.

  1. Click Next. On the next page, select Use an existing permission set, and then select FullTrust.
  2. Click Next, and then click Finish.
  3. Restart Microsoft Internet Information Services (IIS) to restart the ASP.NET worker process.

If Microsoft .NET Framework Configuration is not displayed under Administrative Tools, you can install the .NET Framework SDK to add Microsoft .NET Framework Configuration. Alternatively, you can run the following command to make the change:

Drive:WINDOWSMicrosoft.NETFrameworkv2.0.50727caspol.exe -m -ag 1 -url    "file:////\computernamesharename*" FullTrust -exclusive on

For more details:

Method 4


(1) Create an application pool for the appropriate domain using Internet Information Services (IIS). Login to the remote desktop and open IIS Manager. Expand the tree Application Pools. Right click and select New | Application Pool and give the required particulars.

(2) The next step is to place the domain under the newly created application pool. In order to perform this action, expand the tree labeled Web Sites and then Default Web Site under it. Select your domain name, right click on it and choose Properties menu item. Select the drop down box labeled Application pool and choose the newly created application pool name.

Note: You can automatically perform the above mentioned steps using certain popular hosting control panels if you have installed them on the server.

(3) Add the following lines of code to machine.config file. This file can be located under the folder – Root Drive Name:WINDOWSMicrosoft.NETFrameworkv1.1.4322CONFIG

<location path="" allowOverride="true">
     <trust level="Full" originUrl=""/>

(A) You should require administrative rights to the server and access to remote desktop to resolve the above issue. You should contact your hosting service provider if you don’t have access to the server.

(B) Replace with the appropriate domain name in which the problem is occurring.

Warning: Incorrect modification of machine.config file will cause problems to the ASP.NET service on the server.

Method 5

Try this

Go to the properties of precompiled dll’s, check to see if it has following security message (at the bottom of the window): “This file came from another computer and might be blocked to help protect this computer.” If present, click “Unblock”, “Apply” and “OK”.


Run the below caspol command to resolve the issue Drive:WINDOWSMicrosoft.NETFrameworkv2.0.50727caspol.exe -m -ag 1 -url file:////c:mysitecontent* FullTrust -exclusive on

Note: Please substitute c:mysitecontent* with actual path where pre-compiled DLLs are located.

And restart the system.

If it helped you vote it up please.

Method 6

I was getting the same error…so I solved with two steps. First, adding code in web.config file.

and second, changing the IIS Manger.
Select the server in IIS. Click/Open Feature Delegation under management. Than, change .NET Trust Level to Read/Write (from right hand Action panel)


All methods was sourced from or, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Notify of

Inline Feedbacks
View all comments
Would love your thoughts, please comment.x