Sometimes when you play in the sandbox you can get sand kicked in the face. That was the case with building this plug-in thought I would share the story with you in case it saves you a few minutes.
You probably know by now that if you build a plugin that runs in the sandbox it is running in partial trust. In fact you might have even had it kill your plug-in when you executed it due to a security violation. Many times its really obvious what is going on, and then other times like this one it might be elusive what the problem is.
This story started with building a new plug-in and trying to run it. All it would produce was a simple “Security Exception” message on invocation. No trace, nothing. This started in on-line so I took it on-premise, tried it there same thing. Checked tracing log, nothing useful.
I then tried to see if I could reproduce the exception outside of CRM. The quickest way I found to get a partial trust environment was a simple console application – go to security settings and turn on Click Once, and set it for partial trust. By default this is pretty locked down so you might find it too restricting but for some scenarios I think it might be helpful. In fact it did identify one small thing that was wrong, but in the end I still got the same Security Exception message.
After gutting the plugin to nothing much left and still getting the error it was obvious I was missing something obvious. What I failed to reproduce and/or check was the constructor getting called that took the config/secure config and in this case that was causing an exception, that exception ultimately hit some non sandbox friendly code in the constructor and killed the execution. The net result was the simple Security Exception message with no other details. So if you get that simple message – check your constructor.