Re: EventLogPermission via caspol.exe

From: Mark A. Richman (nospam_at_nospam.com)
Date: 04/29/05 

Date: Fri, 29 Apr 2005 13:21:43 -0400

I moved my code off UNC to local disk (under c:\inetpub\wwwroot\myapp). I can still browse the .asmx's, but when I invoke any methods, I now get this error instead:

MyException: The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
   at Foo.Bar.Baz.MyMethod() in c:\Inetpub\wwwroot\myapp\Foo\App_Code\Blah.cs:line 125
The offending line simply calls into my assembly that I'd like to be fully trusted. The event log contains this entry as well: "The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)". This all works fine on my desktop machine from within Visual Studio 2005 Beta 2, so I know it's not my code, per se.

Thanks again,
Mark
  "Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com> wrote in message news:uR67Uz%23SFHA.2916@TK2MSFTNGP15.phx.gbl...
  "Mark A. Richman" <nospam@nospam.com> wrote in message
  news:uT1dDyySFHA.2324@TK2MSFTNGP10.phx.gbl...
> Nicole,
>
> Firstly, I am not attempting to log from ASP.NET directly, but from a
> dependent assembly (albeit in the same process space - effectively the
> same thing, I assume).

  Pretty much. When EventLogPermission is demanded from within the .NET
  Framework code you are calling, both the ASP.NET application and your
  intermediary assembly must have the permission in order for the demand to
  pass (at least under "usual" circumstances).

> I am loading the web app and assemblies over UNC.
> I am also impersonating a Domain Admin account in my web.config.

  That's extremely risky. Are you doing this simply for troubleshooting
  purposes, or do you plan to run the application under an admin account in
  production? If the latter, you may want to reconsider...

> My trust
> level is the default setting of "Full". I have tried various caspol
> commands such as "caspol -m -fulltrust
> \\mydomain\dfsroot\dfslink\myapp\bin\myassembly.dll" with no luck.

  Chances are good that you're not creating quite the right policy changes
  when using caspol. However, before attempting to troubleshoot your caspol
  use, have you confirmed that the application runs as expected if the
  assemblies reside on the local machine rather than elsewhere on the network?

> The full stack trace is as follows (with real names obscured to protect
> the innocent):
>
> System.Security.SecurityException: Request for the permission of type
> 'System.Diagnostics.EventLogPermission, System, Version=2.0.0.0,
> Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
     at System.Security.CodeAccessSecurityEngine.Check(PermissionToken
  permToken, CodeAccessPermission demand, StackCrawlMark& stackMark, Int32
  checkFrames, Int32 unrestrictedOverride)
     at System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission
  cap, StackCrawlMark& stackMark)
     at System.Security.CodeAccessPermission.Demand()
     at System.Diagnostics.EventLog.SourceExists(String source, String
  machineName)
     at System.Diagnostics.EventLog.SourceExists(String source)
     at MyException..ctor(Object oSource, Int32 nCode, String sMessage,
  Exception oInnerException, Boolean bLog)
     at MyAssembly.Foo() in
  \\mydomain\dfsroot\dfslink\myapp\App_Code\Blah.cs:line 125
  Thank you so much!

  --
  Mark A. Richman

    "Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com> wrote in message
  news:u5d9fJySFHA.140@TK2MSFTNGP10.phx.gbl...
    Mark,

    What trust level is set for ASP.NET on your machine? (You can check this
  is
    in the %WINDIR%\Microsoft.NET\Framework\v2.0.<build>\CONFIG\web.config
    file.) If it's not full trust, then you'll need to ensure that both your
    ASP.NET application and your other assembly are granted the necessary
    EventLogPermission under the policy specified in the appropriate
    web_<level>trust.config file.

    That said, writing to the event log from a web application is not
    necessarily such a wonderful idea in the first place. If feasible, it
  might
    be a better solution to log to a different target rather than adjusting
  your
    application's permissions to allow writing to the event log.

    HTH,
    Nicole

    "Mark A. Richman" <nospam@nospam.com> wrote in message
    news:eGzLovqSFHA.3640@TK2MSFTNGP14.phx.gbl...
> I am getting an EventLogPermission exception when calling my assembly
  from
> an ASP.NET 2.0 app. I tried setting the assembly to FullTrust via
> caspol.exe, but I still get this exception. Any ideas? I am loading the
> web app and assemblies over UNC.

    --
    MARK RICHMAN

Relevant Pages

  • Re: EventLogPermission via caspol.exe
    ... I moved my code off UNC to local disk. ... Exception oInnerException, Boolean bLog) ... > web app and assemblies over UNC. ...
    (microsoft.public.dotnet.security)
  • Re: Cross-AppDomain call problems
    ... It might be that I pass a custom exception accross ... that I pass custom assemblies accross. ... none of the types are leaking across the appdomain boundary. ... I have a simple interface assembly that defines all the types the two ...
    (microsoft.public.dotnet.framework)
  • Re: Custom exception and JIT debugging
    ... That implies that you may be seeing an artifact of the environment, ... the assemblies are located may be different. ... client code that catches the exception. ... If the type used in the client is defined in an assembly ...
    (microsoft.public.dotnet.framework)
  • Implications of using typeFilterLevel=Full after strong naming assemblies
    ... We just started strong naming our assemblies and ran into a .Net Security ... Exception when remoting between ASP.Net and our Windows service. ...
    (microsoft.public.dotnet.framework)
  • Weird XML serialization problem
    ... I am experiencing a *very* frustrating problem with XML serialization. ... Everything works - all of my assemblies that reference ... Exception Information ...
    (microsoft.public.dotnet.framework)