WCF in Partial trust environment

I have deployed by 开发者_StackOverflow中文版WCF to a host and my ASP.NET site is trying to consume the same service.

I get this error:

The Binding with name BasicHttpBinding failed validation because it contains a BindingElement with type System.ServiceModel.Channels.MtomMessageEncodingBindingElement which is not supported in partial trust. Consider using BasicHttpBinding or WSHttpBinding, or hosting your application in a full-trust environment. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.InvalidOperationException: The Binding with name BasicHttpBinding failed valiadation because it contains a BindingElement with type System.ServiceModel.Channels.MtomMessageEncodingBindingElement which is not supported in partial trust. Consider using BasicHttpBinding or WSHttpBinding, or hosting your application in a full-trust environment.

How do I get around this?

Exactly what it says: do not use MTOM, or host in a full trust environment.

Text message encoding:

<system.serviceModel>
    <bindings>
      <basicHttpBinding>
          <binding name="myBinding" messageEncoding="Text">
          </binding>
      </basicHttpBinding>
    </bindings>
</system.serviceModel>

Most shared hosting providers will only provide partial trust .NET hosting. You will need a (semi-)dedicated machine for full trust, or look around on the internet for a shared hosting provider that wants to risk it.

You can't "get around" a partial trust host in order to run code that requires full trust.

You have two options. First, follow the recommendations of the error message and use a binding that doesn't require full trust. Or, second, you could locate a host that will run your code in full trust.

You have different options

• use another binding
• make your code full trust (not a good idea and disallowed in many corporate environments and data centers)
• keep your code partially trusted but encapsulate the WCF calls into a fully trusted assembly that asserts needed permissions for the caller (which requires the assembly to be carefully reviewed etc etc)

Let me elaborate on the third option with an example. Say you have a method call MakeServiceCallToDangerousSite(string siteUrl). You need this to be called from partially trusted code, you don't want this to be misued. What to do? First, you could avoid getting the 'dangerous site' url from your caller i.e. MakeServiceCallToDangerousSite(). Second, now that you fully control that call, you can Assert the CLR permissions needed to make that call on behalf of your callers, either declaratively (at the method level) or imperatively (i.e. permission.Assert(); try{ DangerousCall(); }finally{CodeAccessPermission.RevertAssert();} Third, the assembly needs to be fully trusted, and for that, you need it to be in the GAC, which also needs the assembly to be strong named. I hope this helps, at least as a pointer to better explanations on MSDN :-)