This is a good summary of things that work and don’t work when WCF is used in partially trusted AppDomains.

I especially like this sentence:

“The best way to discover that a piece of information or action is unavailable when running in a partial trust environment is to try to access the resource or do the action inside of a try block, and then catch the failure.”

This pretty much describes the situation we currently have in CAS.