If using "SecurityRuleSet.Level1" works for you, then that is probably best to stick with.
I looked into the error, and I think I originally had this same error message too. This is the reason I added the SecurityCriticalAttribute to GetObjectData() in CustomIdentity. The code you were working with should also have had the SecurityCriticalAttribute
on GetObjectData(). If I remove the SecurityCriticalAttribute, then I receive the same error you reported. I would check the code in CustomIdentity.cs to make sure you see the SecurityCriticalAttribute attached to GetObjectData() (it's in the BE
I found this solution of applying the SecurityCriticalAttribute
here, which links to
this and this.
SecurityRuleSet.Level1 can be used, but is intended to be used for migration purposes, or as they state
here, for "backwards compatibility". It's basically using a set of security rules from .NET 2.0, whereas Level2 (the default in .NET 4.0) is using the new security rules introduced in
I'll have to see if others run into this error. Not a lot of people have yet tested the newer version of BE.