IIS6 with all WindowsUpdate patches
ASP.NET 1.1-SP1
using identity impersonate="true" and authentication mode="Windows" in
web.config
Application is not in the local intranet, it is externally hosted for
an internal company

Web app with a reference to an external Assembly (it has no strong
name). The external Assembly contains a class with a method for
creating a new AppDomain and then placing a new Singleton instance of
another class (defined in the same Assembly) in the new AppDomain.

In the Session_Start event in Global.Asax, I check if the user has
authenticated, and if so the external Assembly is loaded and an
instance of the class is unwrapped and placed in the Remoted domain.
Web pages can make Remoted calls as needed and do their work.

However, that only works from a local XP desktop (where the developer
is an Administrator or Power User). The below Exception is thrown when
run from a Windows 2003 server. I think there is a problem is related
to Evidence for loading the Assembly. What could be wrong?

The code looks like this:

Evidence appEvidence = null;
AppDomainSetup aaD = new AppDomainSetup();
aaD.ApplicationBase = AppDomain.CurrentDomain.BaseDirectory +"bin";
aaD.PrivateBinPath = aaD.ApplicationBase;
aaD.ApplicationName = "AppStorage";
aaD.ShadowCopyDirectories = aaD.ApplicationBase;
aaD.ShadowCopyFiles = "true";
AppDomain appdoma = AppDomain.CreateDomain("Dummy");
AppStorage appStorage = new AppStorage();
try
{
appdoma = AppDomain.CreateDomain( "AppStorage" , appEvidence , aaD );
this._hostHandle = appdoma.CreateInstance( "TestDev.AppServices" ,
"TestDev.AppServices.AppStorage"  );
appStorage = (AppStorage)this._hostHandle.Unwrap();
ObjectHandle _hostHandle = appdoma.CreateInstance(
"TestDev.AppServices" , "TestDev.AppServices.AppStorage"  );
// Above line is where Exception is thrown

Problem:


System.IO.FileLoadException: Access is denied: 'TestDev.AppServices'.
File name: "TestDev.AppServices"

Server stack trace:
  at System.Reflection.Assembly.nLoad(AssemblyName fileName, String
codeBase, Boolean isStringized,
              Evidence assemblySecurity, Boolean
throwOnFileNotFound, Assembly locationHint, StackCrawlMark& stackMark)
  at System.Reflection.Assembly.InternalLoad(AssemblyName
assemblyRef, Boolean stringized,
              Evidence assemblySecurity, StackCrawlMark&
stackMark)
  at System.Reflection.Assembly.InternalLoad(String assemblyString,
Evidence
              assemblySecurity, StackCrawlMark& stackMark)
  at System.Activator.CreateInstance(String assemblyName, String
typeName,
              Boolean ignoreCase, BindingFlags bindingAttr,
Binder binder, Object[] args,
              CultureInfo culture, Object[]
activationAttributes, Evidence securityInfo,
              StackCrawlMark& stackMark)
  at System.Activator.CreateInstance(String assemblyName, String
typeName)
  at System.AppDomain.CreateInstance(String assemblyName, String
typeName)
  at
System.Runtime.Remoting.Messaging.StackBuilderSink.PrivateProcessMessage(
              MethodBase mb, Object[] args, Object server,
Int32 methodPtr, Boolean
              fExecuteInContext, Object[]& outArgs)
  at
System.Runtime.Remoting.Messaging.StackBuilderSink.SyncProcessMessage(IMessage
msg,
              Int32 methodPtr, Boolean fExecuteInContext)

Exception rethrown at [0]:
  at
System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg)
  at
System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type)
  at System.AppDomain.CreateInstance(String assemblyName, String
typeName)
  at TestDev.AppServices.EnterpriseServices.StoragePrep.Prepare(
              String remoteServerLocation, Int32
localClientPort)
              in .....storageprep.cs:line 106

=== Pre-bind state information ===
LOG: DisplayName = TestDev.AppServices
(Partial)
LOG: Appbase = E:/inetpub/wwwsites/TestSite/bin
LOG: Initial PrivatePath = E:/inetpub/wwwsites/TestSite/bin
Calling assembly : (Unknown).
===

LOG: Application configuration file does not exist.
LOG: Policy not being applied to reference at this time (private,
custom, partial, or location-based assembly bind).
LOG: Post-policy reference: TestDev.AppServices
LOG: Attempting download of new URL
file:///E:/inetpub/wwwsites/TestSite/bin/TestDev.AppServices.DLL.
LOG: Policy not being applied to reference at this time (private,
custom, partial, or location-based assembly bind).
LOG: Post-policy reference: TestDev.AppServices, Version=6.2.0.0,
Culture=neutral, PublicKeyToken=null

______________________________________________________________________

Call Stack:

Method Global.StoragePrep

Method Global.Application_Start
      sender: System.Object
      e: System.EventArgs

Method RuntimeMethodInfo.InternalInvoke
      obj: System.Object
      invokeAttr: System.Reflection.BindingFlags
      binder: System.Reflection.Binder
      parameters: System.Object[]
      culture: System.Globalization.CultureInfo
      isBinderDefault: System.Boolean
      caller: System.Reflection.Assembly
      verifyAccess: System.Boolean

Method RuntimeMethodInfo.InternalInvoke
      obj: System.Object
      invokeAttr: System.Reflection.BindingFlags
      binder: System.Reflection.Binder
      parameters: System.Object[]
      culture: System.Globalization.CultureInfo
      verifyAccess: System.Boolean

Method RuntimeMethodInfo.Invoke
      obj: System.Object
      invokeAttr: System.Reflection.BindingFlags
      binder: System.Reflection.Binder
      parameters: System.Object[]
      culture: System.Globalization.CultureInfo

Method HttpApplication.ProcessSpecialRequest
      context: System.Web.HttpContext
      method: System.Reflection.MethodInfo
      paramCount: System.Int32
      eventSource: System.Object
      eventArgs: System.EventArgs
      session: System.Web.SessionState.HttpSessionState

Method HttpApplicationFactory.FireApplicationOnStart
      context: System.Web.HttpContext

Runtime CLI Information: .NET Runtime
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\
NET Version v1.1.4322 Release Build