By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
434,949 Members | 2,085 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 434,949 IT Pros & Developers. It's quick & easy.

Need help on the Permissions needed to log to Event Log from ASP.NET?

P: n/a
Hello all.

I have a couple of aspx pages. When something fails in them, I would like
them to be able to log to either a database, a logfile, or the application
log. All code is in C#

I run into permissions problems straigh away though. To log to the event
log, you need Administrator privileges. So followed MS example how to
sandbox sensitive and secure code.
1) Made a new component, to sandbox the event log code, and to decrease the
possible attack surface.
2) Created a strong key, and added it to the assembly file.
3) Added the APTCA attribute ([assembly: AllowPartiallyTrustedCallers]),
and as per MS instructions, the following attribute also:
[assembly: EventLogPermission(SecurityAction.RequestMinimum,
PermissionAccess = EventLogPermissionAccess.Instrument)]
4) Added the component to the GAC
5) The code in the function looks like this:

public static bool LogEvent(string LogName, string Source, string User,
string LogText, int EventID, short Category)
EventLog oLog;
EventLogEntryType lEntry = EventLogEntryType.Error;
EventLogPermission oPerm;

string sMachine = System.Net.Dns.GetHostName();
string sLog;
bool bOK = false;
sLog = LogName;

Category = 0;
System.Text.StringBuilder oBuilder = new
System.Text.StringBuilder(LogText.Length + 100);

oBuilder.Append("Date: ");
oBuilder.Append (System.DateTime.Now.ToString());
oBuilder.Append("\n"); // new line

oBuilder.Append("User: ");
oBuilder.Append("\n\n"); // new line

// to allow untrusted callers the right to add entries to the event log.
oPerm = new EventLogPermission(EventLogPermissionAccess.Instru ment,

if (!EventLog.SourceExists(Source))
EventLog.CreateEventSource(Source, sLog, sMachine);

// using means that we don't have to explicitly call dispose at the end.
// Dispose is called implicitly at the end of the using bracket.
// Only supported for objects that implement IDisposable.
using (oLog = new EventLog(sLog, sMachine, Source))

string sEventDescription = oBuilder.ToString();

oLog.WriteEntry(sEventDescription, lEntry, EventID, Category);
bOK = true;
catch (System.Security.SecurityException secEx)
bOK = false;
catch (System.Exception ex)
bOK = false;


return bOK;
When this component is called from my aspx pages the following error occurs:

Description: The application attempted to perform an operation not allowed
by the security policy. To grant this application the required permission
please contact your system administrator or change the application's trust
level in the configuration file.

Exception Details: System.Security.SecurityException: Requested registry
access is not allowed.

Source Error:

An unhandled exception was generated during the execution of the
current web request. Information regarding the origin and location of the
exception can be identified using the exception stack trace below.
I have tried to modify the trust level in the web.config file, but to no
avail. Full trust level works no better than the default trust level.
Clearly, the pages do not have permissions to access the component, and to
execute the code.
I know that the code fails at the call to oLog.WriteEntry

Any idea how to do fix this? Need I configure some assemblies or some such?
Should I remove the demand for Instrument privelege for EventLogPermission?
Have tried to look at code groups under machine config in the .Neet
configuration tool, but nothing helps.

The web pages are running in the default ASP.NET account, as they are on a
public server, and running the web pages under an administrative account is
out of the question.

// Sincerily yours, Henrik
Nov 17 '05 #1
Share this question for a faster answer!
Share on Google+

This discussion thread is closed

Replies have been disabled for this discussion.