<< Adding Roles and Membership to an SQL Server Database | The selected file is not a valid ISO file >>

System.Security.SecurityException, BlogEngine’s BlogRoll.cs

November 3 2011 13:49 / by: Bryan Didas / Filed in:BlogEngine.NET

Recently during an upgrade from BlogEngine 1.6.1 to BE 2.0 I experienced several issues that required a bit of research for the solution. This particular issue had a few steps or phases before I found the root problem and the the right fix.

This blog is a subfolder within a base application and while I was merging BlogEngine into the web application everything seemed to work just fine. When I uploaded to my web host that the little issues started to show up. The first thing I noticed was that when I browsed to the home page I got a garbled output. What I find strange is that if I refreshed the page would render, but that the BlogRoll section did not. No issues on my local host, only on the hosted site.


After searching for topics on garbled output I found a post where it was described that there is some issue where BlogEngine has an issue and instead of throwing up an error or sending you to an error page you see the garbled output. One resolution was to comment out the compression module in the web.config.


I tried this mainly because it was simple enough to do. Just note that this compression module is located in 2x in the web.config file. You would comment them out in both places.

At this point I no longer got the garbled output, but a true error page. With this now I was able to start looking at finding an actual solution. The file throwing the error is BlogRoll.cs, this now makes sense of why after a refresh of the garbled output and the page rendered I wasn’t getting anything from that widget.


One post I found on the BlogEngine.Codeplex discussion forum stated that the checking of credentials really wasn’t required in this case and could be commented out. I tried this, but I did not get the desired results, in fact I started to get other errors.

After giving up one night and attempting another search the next day I found what I was looking for. Seems like there is always someone out there who has been through something very similar. I found the answer here.


By adding this little section to the web.config file and elevating the web application to a full trust, error gone. I returned all other setting changes and commented out code back to the original condition. Pages loads just the way it is supposed too, including the BlogRoll.

That’s is it, hopefully in the future when I run into a security issue like this I will refer back to this post.

Add comment

  Country flag
  • Comment
  • Preview