Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information

Topics: ASP.NET 2.0, Business Logic Layer
Jan 18, 2011 at 10:55 AM
Edited Jan 18, 2011 at 12:12 PM

Has anybody seen this yet?

LoadeExceptions message says:

Inheritance security rules violated by type: 'BlogEngine.Core.Compilation.Design.SessionExpressionEditor'. Derived types must either match the security accessibility of the base type or be less accessible.Inheritance security rules violated by type: 'BlogEngine.Core.Compilation.Design.CodeExpressionEditor'.

It might have something to do with installation with installation I did yesterday. Like new security patches have been applied to the .NET Framework.

BTW. I beleieve ASP.NET 3.5 and ASP.NET 4.0 topics would be useful

Jan 18, 2011 at 12:50 PM
Edited Jan 18, 2011 at 5:37 PM

I worked around it for now by adding

[assembly: SecurityRules(SecurityRuleSet.Level1)]

to the AssemblyInfo.cs

I will look into this later..



Apr 27, 2011 at 8:33 PM

I'm givin a try to the latest source code downloaded today just done a fresh uplad after compiling and i get :

Inheritance security rules violated while overriding member: 'BlogEngine.Core.CustomIdentity.GetObjectData(System.Runtime.Serialization.SerializationInfo, System.Runtime.Serialization.StreamingContext)'. Security accessibility of the overriding method must match the security accessibility of the method being overriden.


heres the stack:

[TypeLoadException: Inheritance security rules violated while overriding member: 'BlogEngine.Core.CustomIdentity.GetObjectData(System.Runtime.Serialization.SerializationInfo, System.Runtime.Serialization.StreamingContext)'. Security accessibility of the overriding method must match the security accessibility of the method being overriden.] BlogEngine.Core.Security.ContextAuthenticateRequest(Object sender, EventArgs e) in Security.cs:77 System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +148 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75

i will investigate further tomorrow on this if nobody has hint


daniele (at) danceoften (dot) com

Apr 28, 2011 at 4:50 AM

danceoften:  That's an error occurring in some relatively new code introduced for multiple blog support.  To get things going, I would recommend either use BE 2.0 ( or using a version prior to that code being introduced ... which would be checked in on March 27th.

At the same time, I'm happy you brought up this error with the details & stack.  I'm not seeing the error during testing, so it's probably an environment related error.  I'll see if I can track it down.

Apr 29, 2011 at 1:19 PM

danceoften:  I haven't yet had a chance to look at this error, but do you have any details on the environment you are running when you get this error?   Are you running it on your local machine, or at a webhost?  Are you running it using the built-in VS Cassini web server, or IIS?  If IIS, is it IIS6 or IIS7?  Classic mode or Integrated mode?  If you do have any of these types of details, it might help.  Thanks.

Apr 29, 2011 at 3:25 PM
Edited Apr 29, 2011 at 3:26 PM

i know the code is new and unstable.. and i am often givin a try to the latest source code to test compatibility with my code, while keeping the latest stable in production
(one simple blog with an extension and a widget i am developing)

said this
i am NOT seing this error on localhost both with iis7, and debugging with VS express 2010.

after compiling i just uploaded to winhost webhost environment, i guess integrated mode (i cannot check now) .net version 4
I DO see the error mentioned above, and i solved it adding

[assembly: SecurityRules(SecurityRuleSet.Level1)]

to the assembly.cs file of core project.

why does it run fine locally ?
in my winhost account i run Full(internal) trust but i do not exactly understand what it imply
how is the environment involved in security rule inheritance ?
i'm reading some internet to find out a reason but still busy seeking

thanx Ben and all the community for any solution

May 7, 2011 at 10:17 AM

If using "SecurityRuleSet.Level1" works for you, then that is probably best to stick with.

I looked into the error, and I think I originally had this same error message too.  This is the reason I added the SecurityCriticalAttribute to GetObjectData() in CustomIdentity.  The code you were working with should also have had the SecurityCriticalAttribute on GetObjectData().  If I remove the SecurityCriticalAttribute, then I receive the same error you reported.  I would check the code in CustomIdentity.cs to make sure you see the SecurityCriticalAttribute attached to GetObjectData() (it's in the BE core).

I found this solution of applying the SecurityCriticalAttribute here, which links to this and this.

SecurityRuleSet.Level1 can be used, but is intended to be used for migration purposes, or as they state here, for "backwards compatibility".  It's basically using a set of security rules from .NET 2.0, whereas Level2 (the default in .NET 4.0) is using the new security rules introduced in .NET 4.0.

I'll have to see if others run into this error.  Not a lot of people have yet tested the newer version of BE.

May 22, 2011 at 11:48 PM

This should be fixed in  If the blog is in medium trust, this "Inheritance security rules violated..." error would occur.  The CustomIdentity class has been changed so it does not violate security rules, even under medium trust.