Refresher on full trust

Refresher on full trust

Old forum URL:

cjherasmus posted on Friday, June 20, 2014

Does CSLA 4.5 still require full trust on server for ASP.NET MVC 4 internet applications?

RockfordLhotka replied on Friday, June 20, 2014

That depends entirely on you.

If you use the MobileFormatter (instead of BinaryFormatter or NDCS) for serialization then full trust should not be required.

The problem has always been with those two Microsoft serializers, because they are built in a way that requires full trust.

The MobileFormatter is something we wrote to support Silverlight, so it was designed around the assumption of partial trust. Somewhere around version 3.8 or 4.0 we made MobileFormatter available to any code, not just Silverlight.

The 'Using CSLA 4: Data Portal Configuration' book talks about how to configure CSLA to use different serializers.

cjherasmus replied on Thursday, June 26, 2014

So an ASP.NET MVC 4/5 public internet application with CSLA server-side can happen for me then.

Copyright (c) Marimer LLC