RE: SecurityException for registry access while opening SQL Connection
From: Bassel Tabbara [MS] (basselt@online.microsoft.com)
Date: 01/28/03
- Next message: Mark Finkel: "RE: forms authentication"
- Previous message: Mary Chipman: "Re: Web.config"
- In reply to: Brian Noyes: "SecurityException for registry access while opening SQL Connection"
- Next in thread: Brian Noyes: "Re: SecurityException for registry access while opening SQL Connection"
- Reply: Brian Noyes: "Re: SecurityException for registry access while opening SQL Connection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: basselt@online.microsoft.com (Bassel Tabbara [MS]) Date: Tue, 28 Jan 2003 20:27:54 GMT
Hello Brian,
It seems that it is a permission issue of the ASPNET account. To give the
ASPNET account the proper permissions to access SQL Server, do the
following in Enterprise Manager:
1.Add the account as a SQL Server Login.
-Expand the security folder.
-Right-click Logins and select New Login.
-In the Name box, type ASPNET. In the Domain box, type the SQL Server
hostname. Select Windows Authentication.
-Click the Database Access tab and select the databases that you want
this account to be able to access.
2. Give the account EXEC permission on the objects that you need to.
If the problem persists you can run the RegMon tool that will give you
which registry entry is ASPNET account denied.
Registry Monitor logs all calls the to registry. The interfaces are nearly
identical and very easy to use.
To make a good log:
A. Run the log for the shortest amount of time practical. Setup the
scenario to the point just prior to where the error occurs, launch the
logging tool, repro the error, and shut down the logging tool after several
seconds.
1. Launch the tool and select Options/Filter.
a) In the Process Include(s) text box enter aspnet_wp.exe. This only
monitor calls made by ASPNET engine.
b) Process Include(s) should be empty.
c) In the Path Include(s) textbox enter *.
d) Path Include(s) should be empty.
e) History depth should be 0.
f) All 4 check boxes should be checked.
2. Immediately select Options/Capture Events to STOP logging.
3. Choose Options/Clear Display to wipe the initial entries.
4. Setup the application just prior to the point where you get the error.
5. Choose Options/Capture Events to start logging.
6. Reproduce the error in the application
7. After the error appears, choose Events/Capture Events to stop the
logging.
8. Save the log under File/Save As
For the registry keys which are denied to the aspnet_wp.exe process,check
these keys individually and see what the
security permissions are on each of them.
Thanks,
Bassel Tabbara
Microsoft, ASP.NET
This posting is provided "AS IS", with no warranties, and confers no rights.
--------------------
| From: "Brian Noyes" <brian@softinsight.com>
| Subject: SecurityException for registry access while opening SQL
Connection
| Date: Tue, 28 Jan 2003 10:41:28 -0500
| Lines: 43
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2800.1106
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
| Message-ID: <eJyhwOuxCHA.2648@TK2MSFTNGP11>
| Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| NNTP-Posting-Host: pool-138-88-80-198.res.east.verizon.net 138.88.80.198
| Path: cpmsftngxa08!cppssbbsa01.microsoft.com!TK2MSFTNGP08!TK2MSFTNGP11
| Xref: cpmsftngxa08 microsoft.public.dotnet.framework.aspnet.security:3815
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
|
| I have something strange going on on two of my development machines. If I
do
| something as simple as trying to open a SQL connection to a database from
an
| ASP.NET page, I get a security exception for registry access. The exact
same
| code on my two other machines does not cause this. See below for the
| exception dump.
|
| If I go an change machine.config processModel to use SYSTEM as the user
| instead of machine, the problem clears up, but that is a security hole.
|
| Any ideas why opening a SQL connection would require registry access on
one
| machine but not another. They are all trying to access it as ASPNET, and
| that user has been granted access.to the database. The registry security
| access check appears to be happening after the database access check,
| because if I deny the ASPNET user access to the database, that exception
is
| thrown first.
|
| I'm sure it is some config setting somewhere, but I have not done any
| tweaking of config on these machines myself. In fact on one of them, I
| uninstalled VS.NET, .NET, SQL, and IIS, and reinstalled them all with
latest
| service packs and it did not clear the problem.
|
| Any help greatly appreciated.
|
| Security Exception
| Description: The application attempted to perform an operation not allowed
| by the security policy. To grant this application the required permission
| please contact your system administrator or change the application's trust
| level in the configuration file.
|
| Exception Details: System.Security.SecurityException: Requested registry
| access is not allowed.
|
| Source Error:
|
| Line 52: {
| Line 53: SqlConnection conn = new
|
SqlConnection("server=localhost;Trusted_Connection=true;database=Northwind")
| ;
| Line 54: conn.Open();
| Line 55: conn.Close();
| Line 56: }
|
|
|
- Next message: Mark Finkel: "RE: forms authentication"
- Previous message: Mary Chipman: "Re: Web.config"
- In reply to: Brian Noyes: "SecurityException for registry access while opening SQL Connection"
- Next in thread: Brian Noyes: "Re: SecurityException for registry access while opening SQL Connection"
- Reply: Brian Noyes: "Re: SecurityException for registry access while opening SQL Connection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
