Security policy problem

[Chris Bazalgette]

I'm in the process of getting to grips with ASP .Net, and have run into
a problem without an obvious solution. I've added some C# code to write
errors to the event log, and that compiles fine. But when run, the
application doesn't have permission to access the registry, and a
security exception is raised.

Now I know that the answer lies somewhere in the .NET configuration
panel, but I've no idea where. I've tried a few things, but got lost in
the Byzantine complexity of security policy and trust levels, and
nothing's worked so far.

One problem is that I can't find the assembly file for my application -
I've read that it's supposed to be in a \bin folder somewhere near the
..Net framework stuff, but I can find no such folder.

Be really grateful if any guru here can help.

Environment is Windows XP Pro with IIS 5.1 and .Net Framework 1.1 SP1.
I'm using Web Matrix to compile the C# code.

Debugger output below - exception is on line 33,
myEventLog.WriteEntry(..)

Many thanks for any ideas,

Chris



Security Exception
Description: The application attempted to perform an operation not
allowed by the security policy. To grant this application the required
permission please contact your system administrator or change the
application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Requested registry
access is not allowed.

Source Error:

Line 31: EventLog myEventLog = new EventLog("Application");
Line 32: myEventLog.Source="BANDCh03";
Line 33: myEventLog.WriteEntry(ex.ToString(),
EventLogEntryType.Error);

 

[John Saunders]

I'm in the process of getting to grips with ASP .Net, and have run into
a problem without an obvious solution. I've added some C# code to write
errors to the event log, and that compiles fine. But when run, the
application doesn't have permission to access the registry, and a
security exception is raised.

The typical problem is that the ASPNET account doesn't have the privileges
necessary to create a new event source. If you create the event source
first, you should have no trouble writing to it from your web application.

What I usually do, using VS.NET, is to drag an EventLog component onto a
design surface (maybe onto global.asax opened in design mode). I then
configure the event log and source I want. Next, I right-click and choose
"Add Installer". This creates an event log installer capable of installing
that event log.

I then delete the EventLog I dragged onto the design surface!

When built into mywebsite.dll, I can then use "installutil" to "install" the
site:

cd bin
installutil -i mywebsite.dll

When I run these commands as an administrator, the event log source gets
created. Then, when I run my web site, it can create log entries all it
likes.

 

[Chris Bazalgette]

John,

Thanks a lot for replying - that gives me some useful ideas to play
with.

- Chris

The typical problem is that the ASPNET account doesn't have the privileges
necessary to create a new event source. If you create the event source
first, you should have no trouble writing to it from your web application.

What I usually do, using VS.NET, is to drag an EventLog component onto a
design surface (maybe onto global.asax opened in design mode). I then
configure the event log and source I want. Next, I right-click and choose
"Add Installer". This creates an event log installer capable of installing
that event log.

[...]