Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / .NET Framework / Security / June 2004

Tip: Looking for answers? Try searching our database.

Registry Permission For Web Service

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Michael Bird - 22 Jun 2004 14:47 GMT
I haven't had to deal with the security stuff before now, and I can't seem
to get started.  I have a web service, and I want to log to the event log.
When I try to create my event source I get a security exception that it
can't write to the registry.  I have tried using the framework configuration
tool to mark the code as fully trusted (not a good thing, but I just wanted
to see if the code was working), but that didn't work.

Any idea on what I have to put into the code to make this happen?

Also, anyone know any good books or articles on using the security model?

Thanks
Reply to this Message
Joe Kaplan \(MVP - ADSI\) - 22 Jun 2004 15:59 GMT
It is probably a Windows-based security error (UnauthorizedAccessException)
instead of a .NET Code Access Security problem (SecurityException).
Generally, the ASP.NET account does not have permission to create event
sources or check to see if they exist.  It can only write to them.

Normally I solve this problem by creating the event log at install time
using Administrator privileges.  You can also elevate the privileges of the
ASP.NET account, but that isn't a good idea, especially if this is the only
reason you need to do that.

Also, if you are on Win2K3, there are some issues with creating custom event
logs as well.  If that applies to you, you might want to search this group
or MS support for more info.

Joe K.

> I haven't had to deal with the security stuff before now, and I can't seem
> to get started.  I have a web service, and I want to log to the event log.
[quoted text clipped - 8 lines]
>
> Thanks
Reply to this Message
Michael Bird - 22 Jun 2004 16:39 GMT
Actually, it is a SecurityException; and even if I put the IUSR and IWAM
accounts into the Administrators group just to check, I still get the
exception.

"Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com> wrote
> It is probably a Windows-based security error (UnauthorizedAccessException)
> instead of a .NET Code Access Security problem (SecurityException).
[quoted text clipped - 26 lines]
> >
> > Thanks
Reply to this Message
Joe Kaplan \(MVP - ADSI\) - 22 Jun 2004 19:27 GMT
Strike one for Kaplan!   The error you are getting is not the more common
scenario then.

Is the web application configured to run in partial trust mode?  Is there
anything in the securityPolicy element in web.config?

Typically, web applications run with Full Trust, so CAS doesn't enter into
the picture, but it sounds like that is not the case here.

The config element may be up the chain in one of the higher level web.config
files or in machine.config.

Joe K.

> Actually, it is a SecurityException; and even if I put the IUSR and IWAM
> accounts into the Administrators group just to check, I still get the
[quoted text clipped - 38 lines]
> > >
> > > Thanks
Reply to this Message
Michael Bird - 23 Jun 2004 21:42 GMT
Your first suggestion of fixing the problem by creating the event log source
ahead of time did the trick.  Thanks for that one.  Now I still need to
better understand how code-access security works and where the limit to not
allow the code to write to the registry was coming from since it wasn't the
trust on the code or the user account priveleges...

"Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com> wrote
> Strike one for Kaplan!   The error you are getting is not the more common
> scenario then.
[quoted text clipped - 54 lines]
> > > >
> > > > Thanks
Reply to this Message
Joe Kaplan \(MVP - ADSI\) - 23 Jun 2004 23:23 GMT
Glad that worked.  I'm still confused about what the actual problem was too.
You said it was a SecurityException which leads me to believe it was a CAS
problem (partial trust), but that isn't clear it was the case.  Maybe
someone else will chime in.

Joe K.

> Your first suggestion of fixing the problem by creating the event log source
> ahead of time did the trick.  Thanks for that one.  Now I still need to
[quoted text clipped - 68 lines]
> > > > >
> > > > > Thanks
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.