Full Trust Required in ASP.NET

DeployLX Licensing uses advanced software protection techniques that by nature require access to machine configuration data and system resources that are not normally needed by typical applications. In a Full Trust environment (Windows Applications, Controls, Default ASP.NET settings) this is not a problem. When hosting protected software in an ASP.NET environment configured to use Medium Trust, or a more restrictive setting, protected components will not load without additional configuration. 

Trust Guarantee

Most ASP.NET providers will install well known components from component vendors for a small fee. For hosts that need additional assurances XHEO provides the XHEO Trust Guarantee which explicitly states the security and reliability of the components issued by XHEO INC. If you have difficulty working with your host provider you may have them contact us and we will gladly work with them to resolve any issues.

Installing the Runtime in the Global Assembly Cache

The easiest way to trust a component is to install it into the GAC.

To add the an assembly to the GAC
  • Copy the assembly to the Bin folder of the server.
  • Run gacutil specifying the assembly name.


The following command installs the licensing runtime into the global assembly cache for a website named Customer001.

gacutil /if /r DeployLX.Licensing.v3.dll OPAQUE "Customer001" "Installed on behalf of Customer001 on Feb 02, 07"
gacutil /u /r DeployLX.Licensing.v3.dll OPAQUE "Customer001" "Installed on behalf of Customer001 on Feb 02, 07"

Trusting DeployLX Assemblies

Some providers may not be comfortable installing assemblies in the GAC since they can introduce management problems. Each time the assembly is updated the GAC must be updated and all sites on the machine share the same assembly. Instead of installing assemblies in the GAC the host can explicitly grant trust to assemblies singed with XHEO's strong name keys.

To grant Full Trust to XHEO assemblies
  • Install the web_xheo_mediumtrust.config policy file on the host machine in the %FrameworkDir%\v2.0.50727\CONFIG folder. If the host has created their own custom policy file they can use the web_xheo_mediumtrust.config policy as a guide for modifying their configuration to grant permissions to XHEO assemblies.
  • Modify the system Web.config file in %FrameworkDir%\v2.0.50727\CONFIG folder to create a new trust level by adding the following to the <securityPolicy> node.
    <trustLevel name="XHEO_Medium" 
                policyFile="web_xheo_mediumtrust.config" />
  • Configure the IIS website to use the new trust level by adding the following to the <configuration> node of the system Web.config file.
    <location path="Name of website in IIS"> 
            <trust level="XHEO_Medium" originUrl="" /> 

ASP.NET Hosts Known to Support Full Trust

XHEO has confirmed that he following ASP.NET Hosts support Full Trust or custom compatibility with DeployLX security requirements. If you know of another host that supports Full Trust leave a comment.

Full Service Hosts

Published : Jan 01, 2009
Updated : Jan 04, 2012
Views : 5374
  • licensing
  • deploylx
  • mvc
  • asp-net

Applies To