Medium Trust Support

  • 3 minutes to read

Because many web hosts do not grant Full Trust permission to their clients, XtraReports allows you to create reports that can be viewed and will work at the Medium Trust permission level. This document describes the requirements and restrictions for deploying an ASP.NET application with XtraReports on a web host requiring the Medium Trust permission level.

To deploy your web application under the Medium Trust permission level, first review the restrictions already introduced in .NET framework. For more information, refer to the following articles: How To: Use Medium Trust in ASP.NET 2.0 and ASP.NET Trust Levels and Policy Files.

When a reporting application is deployed under the Medium Trust permission level, XML serialization is the only option to save reports (CodeDOM serialization is not supported in such environment).

In addition, note that the following XtraReports features require the Full Trust permission level.

  • The XRRichText control may incorrectly render certain fonts under Medium Trust.
  • Third-party Windows Forms controls in XtraReports cannot be guaranteed to work correctly under Medium Trust.
  • The following controls cannot be rendered as a metafile.

  • A report cannot be exported to a metafile.
  • The usage of 3D charts under Medium Trust is limited for architectural reasons. See the Medium Trust Support topic in the DevExpress Charts documentation to learn about additional requirements that apply to the XRChart control.
  • Running end-user scripts, loading a report definition or style sheet is not allowed.

    These actions require compiling a C# or Visual Basic code at runtime, which is not allowed under the Medium Trust permission level.

  • Export to PDF:

    • The export engine detects whether or not it is allowed to embed PDF fonts.

      Under Medium Trust, the PDF export engine cannot use unmanaged code to obtain information required for embedding PDF fonts.

      For this reason, only non-embedded fonts are supported for this permission level and the export engine can only use a subset of 256 characters from Adobe Glyph List.

    • In most cases, the reporting engine is able to automatically detect that it is running under the Medium Trust permission level by examining the SecurityPermission flags. In this case, all necessary adjustments are made internally and you don't need to perform any additional customization (e.g., to support PDF export).

      When the reporting engine fails to correctly recognize the actual permission level, you may need to explicitly switch the application's permission level to Medium Trust or set the AzureCompatibility.Enable property to true. To learn more, see the PDF Export section of the Microsoft Azure Reporting topic.

    • Under Medium Trust, right-to-left languages do not render correctly.
See Also