search

aspnet / AspNetKatana

Microsoft's OWIN implementation, the Katana project
Apache License 2.0
959 stars 331 forks source link

Attempt to access method System.Management.Instrumentation.InstrumentedAttribute..ctor(System.String) in violation of security transparency rules failed. #509

Closed josejavierenriquez closed 7 months ago

josejavierenriquez commented 11 months ago

We are getting this exception when adding Microsoft.Owin.Security.OAuth to our project.

[MethodAccessException: Attempt to access method System.Management.Instrumentation.InstrumentedAttribute..ctor(System.String) in violation of security transparency rules failed.] System.RuntimeMethodHandle.CheckLinktimeDemands(IRuntimeMethodInfo method, RuntimeModule module, Boolean isDecoratedTargetSecurityTransparent) +0 System.Reflection.CustomAttribute.GetCustomAttributes(RuntimeModule decoratedModule, Int32 decoratedMetadataToken, Int32 pcaCount, RuntimeType attributeFilterType, Boolean mustBeInheritable, IList derivedAttributes, Boolean isDecoratedTargetSecurityTransparent) +797 System.Reflection.CustomAttribute.GetCustomAttributes(RuntimeAssembly assembly, RuntimeType caType) +149 Owin.Loader.DefaultLoader.SearchForStartupAttribute(String friendlyName, IList1 errors, Boolean& conflict) +199 Owin.Loader.DefaultLoader.GetDefaultConfiguration(String friendlyName, IList1 errors) +68 Owin.Loader.DefaultLoader.LoadImplementation(String startupName, IList1 errorDetails) +89 Owin.Loader.DefaultLoader.Load(String startupName, IList1 errorDetails) +30 Microsoft.Owin.Host.SystemWeb. .GetAppStartup() +165 Microsoft.Owin.Host.SystemWeb.OwinHttpModule.InitializeBlueprint() +37 System.Threading.LazyInitializer.EnsureInitializedCore(T& target, Boolean& initialized, Object& syncLock, Func`1 valueFactory) +139 Microsoft.Owin.Host.SystemWeb.OwinHttpModule.Init(HttpApplication context) +160 System.Web.HttpApplication.RegisterEventSubscriptionsWithIIS(IntPtr appContext, HttpContext context, MethodInfo[] handlers) +584 System.Web.HttpApplication.InitSpecial(HttpApplicationState state, MethodInfo[] handlers, IntPtr appContext, HttpContext context) +168 System.Web.HttpApplicationFactory.GetSpecialApplicationInstance(IntPtr appContext, HttpContext context) +277 System.Web.Hosting.PipelineRuntime.InitializeApplication(IntPtr appContext) +369

[HttpException (0x80004005): Attempt to access method System.Management.Instrumentation.InstrumentedAttribute..ctor(System.String) in violation of security transparency rules failed.] System.Web.HttpRuntime.FirstRequestInit(HttpContext context) +532 System.Web.HttpRuntime.EnsureFirstRequestInit(HttpContext context) +111 System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) +724

Tratcher commented 11 months ago

This looks like Code Access Security which was deprecated a long time ago.

I'd recommend first seeing if the web.config has any <trust>​ element in it, and if so, deleting that element. It not, can you share a stand-alone repro of the issue?

Tratcher commented 7 months ago

Closing as no response