Problem with Event Log (long)
- From: "Dan Brill" <mangoed@xxxxxxxxxxxxxxxx>
- Date: Thu, 14 Apr 2005 01:59:25 +0100
Hi,
I'm sure this issue has been covered before but after searching around I
can't find anything which deals with quite the same set of circumstances or
suggests an optimal solution.
The issue is, broadly, that when I try to write to the Windows Event Log
from ASP.NET code I receive a System.Security.SecurityException ("Requested
registry access is not allowed").
Originally, I thought this was a problem with creating event logs and event
sources, so I wrote a custom installer (an EventLogInstaller) which I could
use to create an event log called 'MyLog' and a source called 'MySource' at
deployment time. This was following the instructions at
http://support.microsoft.com/default.aspx?scid=kb;en-us;329291.
This works great and now I can navigate to
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog and see a key
called 'MyLog' with a sub-key called 'MySource'. So far so good. The problem
is that I still can't write an entry.
I've examined what is happening from the perspective of the Registry (using
Regmon) and I can see that when I execute code such as
EventLog.WriteEntry("MySource", "MyMessage"), all of the keys representing
event logs are searched (possibly sequentially) for an event source called
'MySource'.
Although the ASPNET account has enough permissions to access 'MyLog' and
'MySource' (and I can even execute EventLog.Exists("MyLog") successfully) it
isn't even getting that far because as soon as the search hits the Security
log then the process fails with an ACCESS DENIED error.
I would expect the behaviour to be to ignore such errors unless I actually
want to write to that log (which I don't) and to continue searching until
either the correct source or nothing is found. Unfortunately, it seems to
just fail as soon as it receives an ACCESS DENIED for *any* log.
I had hoped to get round this by creating an instance of the EventLog class
rather than using its static methods, like this:
EventLog el = new EventLog("MyLog", Environment.MachineName, "MySource");
el.WriteEntry("MyMessage");
However, even this fails (on the second line) because the EventLog
constructor doesn't appear to do anything with the source except store it.
It also doesn't limit the search (described above) to the scope of 'MyLog'
and continues to bail on the Security key.
Now, I realise that there are a few ways around this problem, all of which
would probably require adding more code to my custom installer (since I want
the process to be automated):
1) Change the account under which the ASP.NET Worker Process runs to one
with suitable permissions (this seems like a manual process to me).
2) Change the permissions in the Registry either for the Security key only
or for its parent key (presuming that it inherits, I haven't checked).
I really wanted to know if there was a simpler way to do this or a
work-around because, to me, the behaviour seems bizarre. Also, what would
happen if another application created a log with extremely restrictive
permissions - would my code then bail attempting to access that log's key?
Any assistance would be appeciated!
-dan
mangoed@xxxxxxxxxxxxxxxx
.
- Follow-Ups:
- RE: Problem with Event Log (long)
- From: Steven Cheng[MSFT]
- RE: Problem with Event Log (long)
- Prev by Date: Re: aspnet_wp.exe could not be launched
- Next by Date: Re: Token of user identity
- Previous by thread: script debugger not starting
- Next by thread: RE: Problem with Event Log (long)
- Index(es):
Relevant Pages
|
