TFS Check-in Validation Tool

Help

Error: "System.Security.SecurityException: That assembly does not allow partially trusted callers" when creating a buddy build against the Buddy Build Web Service

Problem:

You have installed the Buddy Build web service on a Sharepoint web site. Typically on a Team Foundation Server application tier machine, the Default Website is a Sharepoint web site. The Buddy Build web service should not be installed on a Sharepoint web site.

Default Web Site

The full exception you get will look like the following:

Security Exception Stack Trace

Solution:

First, uninstall the Buddy Build web service if it was installed on a Sharepoint web site.

Then, you have two options for installing the web service:

  1. You can choose to install the web service under the Team Foundation Server web site.

    • In this case, and since it is not recommended to use the same application pool that TFS uses, you should create a new application pool, preferrably based on the Team Foundation Server AppPool.

      Buddy Build App Pool

    • You should change the app pool identity to the account you want to use for running buddy builds. If you will be using the tool to perform gated check-ins (check-in the code upon buddy build success), then you should pick an account that will have check-in privileges on the source control tree where you will be checking in. Usually, you would use the Build Service Account (typically, tfsbuild).

    • Run the Buddy Build Web Service setup and select the web site and application pool as shown below:

Buddy Build Web Service Setup

  1. The preferred way to go is to create a new web site, create a new app pool, and select those when running the Buddy Build Web Service setup. This guarantees adequate isolation from the TFS installation.