Security problem when writting to Event Log

[JMMB]

When trying to execute the following code in a web service, I get the
enclosed error. Everyone has full control to the registry and Security
System is configured with the default "Full Control" access for "All code".
thanks a lot.

WEBMETHOD:
EventLog log = new EventLog("ContosoLog");
log.Source = "MyServiceApplication";
log.WriteEntry("My sessionID", EventLogEntryType.Warning);

ERROR:
System.Web.Services.Protocols.SoapException: Server was unable to process
request. ---> System.Security.SecurityException: Requested registry access is
not allowed. at Microsoft.Win32.RegistryKey.OpenSubKey(String name, Boolean
writable) at System.Diagnostics.EventLog.FindSourceRegistration(String
source, String machineName, Boolean readOnly) at
System.Diagnostics.EventLog.SourceExists(String source, String machineName)
at System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType
type, Int32 eventID, Int16 category, Byte[] rawData) at
System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType
type, Int32 eventID, Int16 category) at
System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType
type, Int32 eventID) at System.Diagnostics.EventLog.WriteEntry(String
message, EventLogEntryType type) at MyService.Service1.SessionID() in
c:\inetpub\wwwroot\myservice\service1.asmx.cs:line 79 --- End of inner
exception stack trace ---

 

[Yunus Emre ALPÖZEN [MCAD.NET]]

u should give ASP.NET user required permission to write event log. adding it
administrator group should fix it. By i think u should use local security
policy to configure settings...

 

[Nicole Calinoiu]

u should give ASP.NET user required permission to write event log.

That won't actually help here.

adding it administrator group should fix it.

Running as an admin will fix just about any problem that's due to a
restricted ACL. However, running ASP.NET under an admin account is usually
a pretty terrible idea...

By i think u should use local security policy to configure settings...

No setting that's modifiable under the Local Security Policy MMC is relevant
to this problem.

--

Thanks,
Yunus Emre ALPÖZEN
BSc, MCAD.NET

When trying to execute the following code in a web service, I get the
enclosed error. Everyone has full control to the registry and Security
System is configured with the default "Full Control" access for "All
code".
thanks a lot.

WEBMETHOD:
EventLog log = new EventLog("ContosoLog");
log.Source = "MyServiceApplication";
log.WriteEntry("My sessionID", EventLogEntryType.Warning);

ERROR:
System.Web.Services.Protocols.SoapException: Server was unable to process
request. ---> System.Security.SecurityException: Requested registry
access is
not allowed. at Microsoft.Win32.RegistryKey.OpenSubKey(String name,
Boolean
writable) at System.Diagnostics.EventLog.FindSourceRegistration(String
source, String machineName, Boolean readOnly) at
System.Diagnostics.EventLog.SourceExists(String source, String
machineName)
at System.Diagnostics.EventLog.WriteEntry(String message,
EventLogEntryType
type, Int32 eventID, Int16 category, Byte[] rawData) at
System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType
type, Int32 eventID, Int16 category) at
System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType
type, Int32 eventID) at System.Diagnostics.EventLog.WriteEntry(String
message, EventLogEntryType type) at MyService.Service1.SessionID() in
c:\inetpub\wwwroot\myservice\service1.asmx.cs:line 79 --- End of inner
exception stack trace ---

 

[Nicole Calinoiu]

When trying to execute the following code in a web service, I get the
enclosed error. Everyone has full control to the registry

Not to every key in the registry, or you wouldn't be having this problem.

and Security
System is configured with the default "Full Control" access for "All
code".

If by this you mean that you're running under default CAS (code access
security) policy, that's not relevant to the exception you're seeing, which
is due to user permissions, not CAS permissions.

You're probably seeing this exception because the "MyServiceApplication"
source isn't actually registered. When the framework code invoked by the
WriteEntry method attempts to identify the log associated with the source
(which it does even if you tell it which log to use), it's most likely
hitting registry entries for a log with highly restricted permissions (e.g.:
Security, or maybe ContosoLog if you haven't set its permissions
appropriate). In order to avoid this problem, you need to create your new
log and register the "MyServiceApplication" source while running from a more
privileged account. One approach is to do this from your application's
installer, which would typically be run under an admin account.

thanks a lot.

WEBMETHOD:
EventLog log = new EventLog("ContosoLog");
log.Source = "MyServiceApplication";
log.WriteEntry("My sessionID", EventLogEntryType.Warning);

ERROR:
System.Web.Services.Protocols.SoapException: Server was unable to process
request. ---> System.Security.SecurityException: Requested registry access
is
not allowed. at Microsoft.Win32.RegistryKey.OpenSubKey(String name,
Boolean
writable) at System.Diagnostics.EventLog.FindSourceRegistration(String
source, String machineName, Boolean readOnly) at
System.Diagnostics.EventLog.SourceExists(String source, String
machineName)
at System.Diagnostics.EventLog.WriteEntry(String message,
EventLogEntryType
type, Int32 eventID, Int16 category, Byte[] rawData) at
System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType
type, Int32 eventID, Int16 category) at
System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType
type, Int32 eventID) at System.Diagnostics.EventLog.WriteEntry(String
message, EventLogEntryType type) at MyService.Service1.SessionID() in
c:\inetpub\wwwroot\myservice\service1.asmx.cs:line 79 --- End of inner
exception stack trace ---