First, if you”ve already installed the last version of the framework, you can relax since it will automatically put the ASP.NET AJAX assembly on the GAC.
Ok, if you”re still using ASP.NET 2.0, then keep reading. As we all know, ASP.NET AJAX was introduced as an add-in to the ASP.NET 2.0 platform. During the early CTPs, you used to put the dll inside the bin folder. However, when the 1st beta was released, the behavior changed: the installation package started putting the assembly on the GAC. At the time, many complained since most hosts would only install it after it went RTM.
Since this has happened a long time, I didn”t expect to keep seeing people recommending to put the ASP.NET AJAX assembly inside the bin folder of the web app (just to simplify deployment). People, this is not a good idea! If you take a look around,you”ll see that many hosting companies will let you run your app in medium trust (which,if you ask me, is a good idea). What this means is that, for instance, you won”t get any permissions to use reflection (here”s a good reference to see what happens in each trust level). And reflection is needed in certain areas of the ASP.NET AJAX platform. For instance, web service invocation needs reflection to get info about the methods that get added to the JS proxy that is inserted on the page. If you drop the assembly on the GAC (which is done by default by the installation package), the assembly will always run in full trust.
So, if you”re putting your ASP.NET AJAX assembly on the bin folder before deploying your app, you”re not really simplifying things; instead, you”re just being lucky because:
- your web app hasn”t still used any feature that requires reflection. Who knows what will happen in the future when you decide to add a new feature?
- you”re running your web app in full trust. Believe me: this is not also a good idea!
Moral of the story: the next time someone tells you to put the ASP.NET AJAX assembly on the bin folder, just say NO! 🙂