headers
Dennis Minderhoud | 14 Mar 2012 19:09
Picon
Favicon

Logger not working in an ASP.Net environment only works with full trust

I've made a simple .NET 4 Web Application in VS2010, and added a reference to log4net 1.2.11.0 (latest).

In this project I've made a Logger class:
public static class Logger
{
    private static readonly log4net.ILog log;

    static Logger()
    {
        try {
            log4net.Config.XmlConfigurator.Configure();
            log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);

        }
        catch (Exception e)
        {
            System.Diagnostics.Debug.Write(e.ToString());
        }
    }

    public static void LogInfo(string information)
    {
        log.Info(information);
    }

    public static void LogError(string erroMessage, Exception ex)
    {
        log.Error(erroMessage, ex);
    }

    public static void LogWarnings(string warningText)
    {
        log.Warn(warningText);
    }

    public static void Fatal(string fatalText)
    {
        log.Fatal(fatalText);
    }
}

When I call this Logger class (Logger.Fatal("Test");) in a Full trust environment, everything works correct. However, when I change the trust level to High (or Medium) it fails with the following exception:

System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.TypeLoadException: Inheritance security rules violated while overriding member: 'log4net.Util.ReadOnlyPropertiesDictionary.GetObjectData(System.Runtime.Serialization.SerializationInfo, System.Runtime.Serialization.StreamingContext)'. Security accessibility of the overriding method must match the security accessibility of the method being overriden.
   at log4net.Repository.Hierarchy.Hierarchy..ctor(ILoggerFactory loggerFactory)
   at log4net.Repository.Hierarchy.Hierarchy..ctor()
   --- End of inner exception stack trace ---
   at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandleInternal& ctor, Boolean& bNeedSecurityCheck)
   at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean skipCheckThis, Boolean fillCache)
   at System.RuntimeType.CreateInstanceDefaultCtor(Boolean publicOnly, Boolean skipVisibilityChecks, Boolean skipCheckThis, Boolean fillCache)
   at System.Activator.CreateInstance(Type type, Boolean nonPublic)
   at log4net.Core.DefaultRepositorySelector.CreateRepository(String repositoryName, Type repositoryType)
   at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly repositoryAssembly, Type repositoryType, String repositoryName, Boolean readAssemblyAttributes)
   at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly repositoryAssembly, Type repositoryType)
   at log4net.Core.DefaultRepositorySelector.GetRepository(Assembly repositoryAssembly)
   at log4net.Core.LoggerManager.GetRepository(Assembly repositoryAssembly)
   at log4net.Config.XmlConfigurator.Configure()
   at UtilClasses.Logger..cctor() in c:\users\***\documents\visual studio 2010\Projects\TestLogging\TestLogging\Default.aspx.cs:line 35

When I include the log4net project to the solution, I get the exception when creating an instance of the default LogRepository:

rep = (ILoggerRepository)Activator.CreateInstance(repositoryType); on line 412 of DefaultRepositorySelector.cs

this is my web.config:

<?xml version="1.0"?>

<configuration>

  <configSections>
    <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler, log4net" />
  </configSections>
  <system.web>
    <compilation debug="true" targetFramework="4.0" />
    <trust level="High" />
  </system.web>
  <log4net debug="true">
    <appender name="RollingFileAppender" type="log4net.Appender.RollingFileAppender">
      <file value="logfile.txt" />
      <appendToFile value="true" />
      <rollingStyle value="Date" />
      <datePattern value="yyyy-MM-dd" />
      <layout type="log4net.Layout.PatternLayout">
        <conversionPattern value="%date{dd-MM-yyyy HH:mm:ss,fff} [%-2p] - %C.%M - %m%n" />
      </layout>

    </appender>

    <root>
      <level value="ALL" />
      <appender-ref ref="RollingFileAppender" />
    </root>
  </log4net>
  <system.webServer>
     <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>
</configuration>

Other people suggest to add requirePermission=”false” to the section, but then the debugger won’t attach to the application pool.

I hope someone can help me out of this problem.

Regards,

Dennis Minderhoud

 

Permalink | Reply |
headers
Venkatasamy, Vanitha | 14 Mar 2012 19:47
Favicon

RE: Logger not working in an ASP.Net environment only works with full trust

Dennis,

 The error seems new to me, because I had encountered lot of issues while implementing the log4Net in my app.

 

Please check the below option , it might help you..

1.In your web.config enable the log4net enable

<add key="log4net.Internal.Debug" value="true"/>

After </system.web>

  <system.diagnostics>

    <trace autoflush="true">

      <listeners>

        <add name="textWriterTraceListener"

           type="System.Diagnostics.TextWriterTraceListener"

           initializeData="c:\\logerror.log" />

      </listeners>

    </trace>

  </system.diagnostics>

 

2. <configSections>

    <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler, log4net,Version=1.2.11.0, Culture=neutral, PublicKeyToken=669e0ddf0bb1aa2a"/>

   </configSections>

 

3.In you config ,is this the full path

 

      <file value="logfile.txt" />


make sure you have full write permission.

 

4.I was using EventLog appender , so I gave permission to create the log for the users.

 

5.mention

using log4net;

using log4net.Config;

using System.Reflection;

using System.Diagnostics.Eventing;

 

6.try

public static readonly ILog log = LogManager.GetLogger(typeof(ErrorLogging).Name);  

 

instead of

log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);

 

Let me know if it helps.

 

Thanks,

 

 

From: Dennis Minderhoud [mailto:dmi <at> presoft.nl]
Sent: Wednesday, March 14, 2012 2:10 PM
To: log4net-user <at> logging.apache.org; log4net-dev <at> logging.apache.org
Subject: Logger not working in an ASP.Net environment only works with full trust

 

I've made a simple .NET 4 Web Application in VS2010, and added a reference to log4net 1.2.11.0 (latest).

In this project I've made a Logger class:
public static class Logger
{
    private static readonly log4net.ILog log;

    static Logger()
    {
        try {
            log4net.Config.XmlConfigurator.Configure();
            log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);

        }
        catch (Exception e)
        {
            System.Diagnostics.Debug.Write(e.ToString());
        }
    }

    public static void LogInfo(string information)
    {
        log.Info(information);
    }

    public static void LogError(string erroMessage, Exception ex)
    {
        log.Error(erroMessage, ex);
    }

    public static void LogWarnings(string warningText)
    {
        log.Warn(warningText);
    }

    public static void Fatal(string fatalText)
    {
        log.Fatal(fatalText);
    }
}

When I call this Logger class (Logger.Fatal("Test");) in a Full trust environment, everything works correct. However, when I change the trust level to High (or Medium) it fails with the following exception:

System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.TypeLoadException: Inheritance security rules violated while overriding member: 'log4net.Util.ReadOnlyPropertiesDictionary.GetObjectData(System.Runtime.Serialization.SerializationInfo, System.Runtime.Serialization.StreamingContext)'. Security accessibility of the overriding method must match the security accessibility of the method being overriden.
   at log4net.Repository.Hierarchy.Hierarchy..ctor(ILoggerFactory loggerFactory)
   at log4net.Repository.Hierarchy.Hierarchy..ctor()
   --- End of inner exception stack trace ---
   at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandleInternal& ctor, Boolean& bNeedSecurityCheck)
   at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean skipCheckThis, Boolean fillCache)
   at System.RuntimeType.CreateInstanceDefaultCtor(Boolean publicOnly, Boolean skipVisibilityChecks, Boolean skipCheckThis, Boolean fillCache)
   at System.Activator.CreateInstance(Type type, Boolean nonPublic)
   at log4net.Core.DefaultRepositorySelector.CreateRepository(String repositoryName, Type repositoryType)
   at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly repositoryAssembly, Type repositoryType, String repositoryName, Boolean readAssemblyAttributes)
   at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly repositoryAssembly, Type repositoryType)
   at log4net.Core.DefaultRepositorySelector.GetRepository(Assembly repositoryAssembly)
   at log4net.Core.LoggerManager.GetRepository(Assembly repositoryAssembly)
   at log4net.Config.XmlConfigurator.Configure()
   at UtilClasses.Logger..cctor() in c:\users\***\documents\visual studio 2010\Projects\TestLogging\TestLogging\Default.aspx.cs:line 35

When I include the log4net project to the solution, I get the exception when creating an instance of the default LogRepository:

rep = (ILoggerRepository)Activator.CreateInstance(repositoryType); on line 412 of DefaultRepositorySelector.cs

this is my web.config:

<?xml version="1.0"?>

<configuration>

  <configSections>
    <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler, log4net" />
  </configSections>
  <system.web>
    <compilation debug="true" targetFramework="4.0" />
    <trust level="High" />
  </system.web>
  <log4net debug="true">
    <appender name="RollingFileAppender" type="log4net.Appender.RollingFileAppender">
      <file value="logfile.txt" />
      <appendToFile value="true" />
      <rollingStyle value="Date" />
      <datePattern value="yyyy-MM-dd" />
      <layout type="log4net.Layout.PatternLayout">
        <conversionPattern value="%date{dd-MM-yyyy HH:mm:ss,fff} [%-2p] - %C.%M - %m%n" />
      </layout>

    </appender>

    <root>
      <level value="ALL" />
      <appender-ref ref="RollingFileAppender" />
    </root>
  </log4net>
  <system.webServer>
     <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>
</configuration>

Other people suggest to add requirePermission=”false” to the section, but then the debugger won’t attach to the application pool.

I hope someone can help me out of this problem.

Regards,

Dennis Minderhoud

 



This message contains Devin Group confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail.
Please notify the sender immediately by e-mail if you have received this e-mail in error and delete this e-mail from your system. E-mail transmissions cannot be guaranteed secure, error-free and information could be intercepted, corrupted, lost, destroyed, arrive late, incomplete, or contain viruses. The sender therefore does not accept liability for errors or omissions in the contents of this message which may arise as result of transmission. If verification is required please request hard-copy version.
Permalink | Reply |
headers
Michele Lepri | 13 May 2012 20:52
Picon

Re: Logger not working in an ASP.Net environment only works with full trust

Hello all,
I fall into the same problem: unluckily the advices of Vanitha
Venkatasamy in the other reply don't solve the issue.

Adding this attribute
[assembly:
System.Security.SecurityRules(System.Security.SecurityRuleSet.Level1)]

like written here:
http://stackoverflow.com/questions/2279896/log4net-and-net-4-0-rc

change only the exception in:

*****
Description: The application attempted to perform an operation not
allowed by the security policy.  To grant this application the required
permission please contact your system administrator or change the
application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the
permission of type 'System.Security.Permissions.FileIOPermission,
mscorlib, Version=4.0.0.0, Culture=neutral,
PublicKeyToken=b77a5c561934e089' failed.
*****

Of course I can't change the security policy.

The author of the reply say it is related to how Log4Net is written.

Any idea?
I have to open a jira issue for this?

thanks
michele

Il 14/03/2012 19:09, Dennis Minderhoud ha scritto:
> I've made a simple .NET 4 Web Application in VS2010, and added a
> reference to log4net 1.2.11.0 (latest).
> 
> In this project I've made a |Logger| class:
> public static class Logger
> {
>     private static readonly log4net.ILog log;
> 
>     static Logger()
>     {
>         try {
>             log4net.Config.XmlConfigurator.Configure();
>             log =
log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType); 
> 
>         }
>         catch (Exception e)
>         {
>             System.Diagnostics.Debug.Write(e.ToString());
>         }
>     }
> 
>     public static void LogInfo(string information)
>     {
>         log.Info(information);
>     }
> 
>     public static void LogError(string erroMessage, Exception ex)
>     {
>         log.Error(erroMessage, ex);
>     }
> 
>     public static void LogWarnings(string warningText)
>     {
>         log.Warn(warningText);
>     }
> 
>     public static void Fatal(string fatalText)
>     {
>         log.Fatal(fatalText);
>     }
> }
> 
> When I call this |Logger|class (|Logger.Fatal("Test");|) in a Full trust
> environment, everything works correct. However, when I change the trust
> level to High (or Medium) it fails with the following exception:
> 
> System.Reflection.TargetInvocationException: Exception has been thrown
> by the target of an invocation. ---> System.TypeLoadException:
> Inheritance security rules violated while overriding member:
> 'log4net.Util.ReadOnlyPropertiesDictionary.GetObjectData(System.Runtime.Serialization.SerializationInfo,
> System.Runtime.Serialization.StreamingContext)'. Security accessibility
> of the overriding method must match the security accessibility of the
> method being overriden.
>    at log4net.Repository.Hierarchy.Hierarchy..ctor(ILoggerFactory
> loggerFactory)
>    at log4net.Repository.Hierarchy.Hierarchy..ctor()
>    --- End of inner exception stack trace ---
>    at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean
> publicOnly, Boolean noCheck, Boolean& canBeCached,
> RuntimeMethodHandleInternal& ctor, Boolean& bNeedSecurityCheck)
>    at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean
> skipCheckThis, Boolean fillCache)
>    at System.RuntimeType.CreateInstanceDefaultCtor(Boolean publicOnly,
> Boolean skipVisibilityChecks, Boolean skipCheckThis, Boolean fillCache)
>    at System.Activator.CreateInstance(Type type, Boolean nonPublic)
>    at log4net.Core.DefaultRepositorySelector.CreateRepository(String
> repositoryName, Type repositoryType)
>    at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly
> repositoryAssembly, Type repositoryType, String repositoryName, Boolean
> readAssemblyAttributes)
>    at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly
> repositoryAssembly, Type repositoryType)
>    at log4net.Core.DefaultRepositorySelector.GetRepository(Assembly
> repositoryAssembly)
>    at log4net.Core.LoggerManager.GetRepository(Assembly repositoryAssembly)
>    at log4net.Config.XmlConfigurator.Configure()
>    at UtilClasses.Logger..cctor() in c:\users\***\documents\visual
> studio 2010\Projects\TestLogging\TestLogging\Default.aspx.cs:line 35
> 
> When I include the log4net project to the solution, I get the exception
> when creating an instance of the default LogRepository:
> 
> rep = (ILoggerRepository)Activator.CreateInstance(repositoryType); on
> line 412of DefaultRepositorySelector.cs
> 
> this is my web.config:
> 
> <?xml version="1.0"?>
> 
> <configuration>
> 
>   <configSections>
>     <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler, log4net" />
>   </configSections>
>   <system.web>
>     <compilation debug="true" targetFramework="4.0" />
>     <trust level="High" />
>   </system.web>
>   <log4net debug="true">
>     <appender name="RollingFileAppender" type="log4net.Appender.RollingFileAppender">
>       <file value="logfile.txt" />
>       <appendToFile value="true" />
>       <rollingStyle value="Date" />
>       <datePattern value="yyyy-MM-dd" />
>       <layout type="log4net.Layout.PatternLayout">
>         <conversionPattern value="%date{dd-MM-yyyy HH:mm:ss,fff} [%-2p] - %C.%M - %m%n" />
>       </layout>
> 
>     </appender>
> 
>     <root>
>       <level value="ALL" />
>       <appender-ref ref="RollingFileAppender" />
>     </root>
>   </log4net>
>   <system.webServer>
>      <modules runAllManagedModulesForAllRequests="true"/>
>   </system.webServer>
> </configuration>
> 
> Other people suggest to add requirePermission=”false”to the section, but
> then the debugger won’t attach to the application pool.
> 
> I hope someone can help me out of this problem.
> 
> Regards,
> 
> Dennis Minderhoud
> 
>  
> 

--

-- 
http://michelelepri.blogspot.com/
Permalink | Reply |
headers
Martin Milan | 14 May 2012 10:18
Favicon

RE: Logger not working in an ASP.Net environment only works with full trust

Whilst you might not be able to change the security policy, perhaps you could get around the problem by
moving whatever is being written into a different folder that would not fall afoul of it?

Martin.


-----Original Message-----
From: Michele Lepri [mailto:michele.lepri <at> gmail.com] 
Sent: 13 May 2012 19:52
To: Log4NET User
Subject: Re: Logger not working in an ASP.Net environment only works with full trust

Hello all,
I fall into the same problem: unluckily the advices of Vanitha Venkatasamy in the other reply don't solve
the issue.

Adding this attribute
[assembly:
System.Security.SecurityRules(System.Security.SecurityRuleSet.Level1)]

like written here:
http://stackoverflow.com/questions/2279896/log4net-and-net-4-0-rc


change only the exception in:

*****
Description: The application attempted to perform an operation not allowed by the security policy.  To
grant this application the required permission please contact your system administrator or change the
application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission,
mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
*****

Of course I can't change the security policy.

The author of the reply say it is related to how Log4Net is written.

Any idea?
I have to open a jira issue for this?

thanks
michele


Il 14/03/2012 19:09, Dennis Minderhoud ha scritto:
> I've made a simple .NET 4 Web Application in VS2010, and added a 
> reference to log4net 1.2.11.0 (latest).
> 
> In this project I've made a |Logger| class:
> public static class Logger
> {
>     private static readonly log4net.ILog log;
> 
>     static Logger()
>     {
>         try {
>             log4net.Config.XmlConfigurator.Configure();
>             log = 
> log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMe
> thod().DeclaringType);
> 
>         }
>         catch (Exception e)
>         {
>             System.Diagnostics.Debug.Write(e.ToString());
>         }
>     }
> 
>     public static void LogInfo(string information)
>     {
>         log.Info(information);
>     }
> 
>     public static void LogError(string erroMessage, Exception ex)
>     {
>         log.Error(erroMessage, ex);
>     }
> 
>     public static void LogWarnings(string warningText)
>     {
>         log.Warn(warningText);
>     }
> 
>     public static void Fatal(string fatalText)
>     {
>         log.Fatal(fatalText);
>     }
> }
> 
> When I call this |Logger|class (|Logger.Fatal("Test");|) in a Full 
> trust environment, everything works correct. However, when I change 
> the trust level to High (or Medium) it fails with the following exception:
> 
> System.Reflection.TargetInvocationException: Exception has been thrown 
> by the target of an invocation. ---> System.TypeLoadException:
> Inheritance security rules violated while overriding member:
> 'log4net.Util.ReadOnlyPropertiesDictionary.GetObjectData(System.Runtim
> e.Serialization.SerializationInfo,
> System.Runtime.Serialization.StreamingContext)'. Security 
> accessibility of the overriding method must match the security 
> accessibility of the method being overriden.
>    at log4net.Repository.Hierarchy.Hierarchy..ctor(ILoggerFactory
> loggerFactory)
>    at log4net.Repository.Hierarchy.Hierarchy..ctor()
>    --- End of inner exception stack trace ---
>    at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, 
> Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, 
> RuntimeMethodHandleInternal& ctor, Boolean& bNeedSecurityCheck)
>    at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, 
> Boolean skipCheckThis, Boolean fillCache)
>    at System.RuntimeType.CreateInstanceDefaultCtor(Boolean publicOnly, 
> Boolean skipVisibilityChecks, Boolean skipCheckThis, Boolean fillCache)
>    at System.Activator.CreateInstance(Type type, Boolean nonPublic)
>    at log4net.Core.DefaultRepositorySelector.CreateRepository(String
> repositoryName, Type repositoryType)
>    at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly
> repositoryAssembly, Type repositoryType, String repositoryName, 
> Boolean
> readAssemblyAttributes)
>    at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly
> repositoryAssembly, Type repositoryType)
>    at log4net.Core.DefaultRepositorySelector.GetRepository(Assembly
> repositoryAssembly)
>    at log4net.Core.LoggerManager.GetRepository(Assembly repositoryAssembly)
>    at log4net.Config.XmlConfigurator.Configure()
>    at UtilClasses.Logger..cctor() in c:\users\***\documents\visual 
> studio 2010\Projects\TestLogging\TestLogging\Default.aspx.cs:line 35
> 
> When I include the log4net project to the solution, I get the 
> exception when creating an instance of the default LogRepository:
> 
> rep = (ILoggerRepository)Activator.CreateInstance(repositoryType); on 
> line 412of DefaultRepositorySelector.cs
> 
> this is my web.config:
> 
> <?xml version="1.0"?>
> 
> <configuration>
> 
>   <configSections>
>     <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler, log4net" />
>   </configSections>
>   <system.web>
>     <compilation debug="true" targetFramework="4.0" />
>     <trust level="High" />
>   </system.web>
>   <log4net debug="true">
>     <appender name="RollingFileAppender" type="log4net.Appender.RollingFileAppender">
>       <file value="logfile.txt" />
>       <appendToFile value="true" />
>       <rollingStyle value="Date" />
>       <datePattern value="yyyy-MM-dd" />
>       <layout type="log4net.Layout.PatternLayout">
>         <conversionPattern value="%date{dd-MM-yyyy HH:mm:ss,fff} [%-2p] - %C.%M - %m%n" />
>       </layout>
> 
>     </appender>
> 
>     <root>
>       <level value="ALL" />
>       <appender-ref ref="RollingFileAppender" />
>     </root>
>   </log4net>
>   <system.webServer>
>      <modules runAllManagedModulesForAllRequests="true"/>
>   </system.webServer>
> </configuration>
> 
> Other people suggest to add requirePermission=”false”to the section, 
> but then the debugger won’t attach to the application pool.
> 
> I hope someone can help me out of this problem.
> 
> Regards,
> 
> Dennis Minderhoud
> 
>  
> 


--
http://michelelepri.blogspot.com/


EnServe Group
Permalink | Reply |
headers
Michele Lepri | 14 May 2012 11:05
Picon

Re: Logger not working in an ASP.Net environment only works with full trust

Thanks Martin for the reply,
no I can't change the security policy cause this project must run in a
shared hosting.

I think I don't understand what I should move: the folder where I write
the log already have all the needed right, but I think what throw the
security exception is something related to this:

http://msdn.microsoft.com/en-us/library/dd233102%28VS.100%29.aspx

I will investigate deeper I can today later..

michele

Il 14/05/2012 10:18, Martin Milan ha scritto:
> Whilst you might not be able to change the security policy, perhaps you could get around the problem by
moving whatever is being written into a different folder that would not fall afoul of it?
> 
> Martin.
> 
> 
> -----Original Message-----
> From: Michele Lepri [mailto:michele.lepri <at> gmail.com] 
> Sent: 13 May 2012 19:52
> To: Log4NET User
> Subject: Re: Logger not working in an ASP.Net environment only works with full trust
> 
> Hello all,
> I fall into the same problem: unluckily the advices of Vanitha Venkatasamy in the other reply don't solve
the issue.
> 
> Adding this attribute
> [assembly:
> System.Security.SecurityRules(System.Security.SecurityRuleSet.Level1)]
> 
> like written here:
> http://stackoverflow.com/questions/2279896/log4net-and-net-4-0-rc
> 
> change only the exception in:
> 
> *****
> Description: The application attempted to perform an operation not allowed by the security policy.  To
grant this application the required permission please contact your system administrator or change the
application's trust level in the configuration file.
> 
> Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission,
> mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
> *****
> 
> Of course I can't change the security policy.
> 
> The author of the reply say it is related to how Log4Net is written.
> 
> Any idea?
> I have to open a jira issue for this?
> 
> thanks
> michele
> 
> 
> Il 14/03/2012 19:09, Dennis Minderhoud ha scritto:
>> I've made a simple .NET 4 Web Application in VS2010, and added a 
>> reference to log4net 1.2.11.0 (latest).
>>
>> In this project I've made a |Logger| class:
>> public static class Logger
>> {
>>     private static readonly log4net.ILog log;
>>
>>     static Logger()
>>     {
>>         try {
>>             log4net.Config.XmlConfigurator.Configure();
>>             log = 
>> log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMe
>> thod().DeclaringType);
>>
>>         }
>>         catch (Exception e)
>>         {
>>             System.Diagnostics.Debug.Write(e.ToString());
>>         }
>>     }
>>
>>     public static void LogInfo(string information)
>>     {
>>         log.Info(information);
>>     }
>>
>>     public static void LogError(string erroMessage, Exception ex)
>>     {
>>         log.Error(erroMessage, ex);
>>     }
>>
>>     public static void LogWarnings(string warningText)
>>     {
>>         log.Warn(warningText);
>>     }
>>
>>     public static void Fatal(string fatalText)
>>     {
>>         log.Fatal(fatalText);
>>     }
>> }
>>
>> When I call this |Logger|class (|Logger.Fatal("Test");|) in a Full 
>> trust environment, everything works correct. However, when I change 
>> the trust level to High (or Medium) it fails with the following exception:
>>
>> System.Reflection.TargetInvocationException: Exception has been thrown 
>> by the target of an invocation. ---> System.TypeLoadException:
>> Inheritance security rules violated while overriding member:
>> 'log4net.Util.ReadOnlyPropertiesDictionary.GetObjectData(System.Runtim
>> e.Serialization.SerializationInfo,
>> System.Runtime.Serialization.StreamingContext)'. Security 
>> accessibility of the overriding method must match the security 
>> accessibility of the method being overriden.
>>    at log4net.Repository.Hierarchy.Hierarchy..ctor(ILoggerFactory
>> loggerFactory)
>>    at log4net.Repository.Hierarchy.Hierarchy..ctor()
>>    --- End of inner exception stack trace ---
>>    at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, 
>> Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, 
>> RuntimeMethodHandleInternal& ctor, Boolean& bNeedSecurityCheck)
>>    at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, 
>> Boolean skipCheckThis, Boolean fillCache)
>>    at System.RuntimeType.CreateInstanceDefaultCtor(Boolean publicOnly, 
>> Boolean skipVisibilityChecks, Boolean skipCheckThis, Boolean fillCache)
>>    at System.Activator.CreateInstance(Type type, Boolean nonPublic)
>>    at log4net.Core.DefaultRepositorySelector.CreateRepository(String
>> repositoryName, Type repositoryType)
>>    at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly
>> repositoryAssembly, Type repositoryType, String repositoryName, 
>> Boolean
>> readAssemblyAttributes)
>>    at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly
>> repositoryAssembly, Type repositoryType)
>>    at log4net.Core.DefaultRepositorySelector.GetRepository(Assembly
>> repositoryAssembly)
>>    at log4net.Core.LoggerManager.GetRepository(Assembly repositoryAssembly)
>>    at log4net.Config.XmlConfigurator.Configure()
>>    at UtilClasses.Logger..cctor() in c:\users\***\documents\visual 
>> studio 2010\Projects\TestLogging\TestLogging\Default.aspx.cs:line 35
>>
>> When I include the log4net project to the solution, I get the 
>> exception when creating an instance of the default LogRepository:
>>
>> rep = (ILoggerRepository)Activator.CreateInstance(repositoryType); on 
>> line 412of DefaultRepositorySelector.cs
>>
>> this is my web.config:
>>
>> <?xml version="1.0"?>
>>
>> <configuration>
>>
>>   <configSections>
>>     <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler, log4net" />
>>   </configSections>
>>   <system.web>
>>     <compilation debug="true" targetFramework="4.0" />
>>     <trust level="High" />
>>   </system.web>
>>   <log4net debug="true">
>>     <appender name="RollingFileAppender" type="log4net.Appender.RollingFileAppender">
>>       <file value="logfile.txt" />
>>       <appendToFile value="true" />
>>       <rollingStyle value="Date" />
>>       <datePattern value="yyyy-MM-dd" />
>>       <layout type="log4net.Layout.PatternLayout">
>>         <conversionPattern value="%date{dd-MM-yyyy HH:mm:ss,fff} [%-2p] - %C.%M - %m%n" />
>>       </layout>
>>
>>     </appender>
>>
>>     <root>
>>       <level value="ALL" />
>>       <appender-ref ref="RollingFileAppender" />
>>     </root>
>>   </log4net>
>>   <system.webServer>
>>      <modules runAllManagedModulesForAllRequests="true"/>
>>   </system.webServer>
>> </configuration>
>>
>> Other people suggest to add requirePermission=”false”to the section, 
>> but then the debugger won’t attach to the application pool.
>>
>> I hope someone can help me out of this problem.
>>
>> Regards,
>>
>> Dennis Minderhoud
>>
>>  
>>
> 
> 
> --
> http://michelelepri.blogspot.com/
> 
> EnServe Group

--

-- 
http://michelelepri.blogspot.com/
Permalink | Reply |
headers
Michele Lepri | 14 May 2012 20:35
Picon

Re: [problem founded] Logger not working in an ASP.Net environment only works with full trust

I think I found what .net 4 policy doesn't like..

According to this:
http://msdn.microsoft.com/en-us/library/bb924412.aspx

Serialization in a partially-truste application should be done in
another way ([DataContract] attribute must used, you can't use
[Serializable] attribute and can't use ISerializable interface to
control the serialization process.

After removed the [Serializable] and the ISerializable interface all
work fine, but of course i "loose" all the code performed by the
implementation of the ISerializable interface.
By the way the log is fine for me now and all I need seem to work.

I thinks this need a look from some log4net dev-team guy, because now
log4net is really unusable in a partially trusted environment.

What do you think?
Should I write in dev-list about it?

Thanks and best regards
michele

Il 14/05/2012 10:18, Martin Milan ha scritto:
> Whilst you might not be able to change the security policy, perhaps you could get around the problem by
moving whatever is being written into a different folder that would not fall afoul of it?
> 
> Martin.
> 
> 
> -----Original Message-----
> From: Michele Lepri [mailto:michele.lepri <at> gmail.com] 
> Sent: 13 May 2012 19:52
> To: Log4NET User
> Subject: Re: Logger not working in an ASP.Net environment only works with full trust
> 
> Hello all,
> I fall into the same problem: unluckily the advices of Vanitha Venkatasamy in the other reply don't solve
the issue.
> 
> Adding this attribute
> [assembly:
> System.Security.SecurityRules(System.Security.SecurityRuleSet.Level1)]
> 
> like written here:
> http://stackoverflow.com/questions/2279896/log4net-and-net-4-0-rc
> 
> change only the exception in:
> 
> *****
> Description: The application attempted to perform an operation not allowed by the security policy.  To
grant this application the required permission please contact your system administrator or change the
application's trust level in the configuration file.
> 
> Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission,
> mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
> *****
> 
> Of course I can't change the security policy.
> 
> The author of the reply say it is related to how Log4Net is written.
> 
> Any idea?
> I have to open a jira issue for this?
> 
> thanks
> michele
> 
> 
> Il 14/03/2012 19:09, Dennis Minderhoud ha scritto:
>> I've made a simple .NET 4 Web Application in VS2010, and added a 
>> reference to log4net 1.2.11.0 (latest).
>>
>> In this project I've made a |Logger| class:
>> public static class Logger
>> {
>>     private static readonly log4net.ILog log;
>>
>>     static Logger()
>>     {
>>         try {
>>             log4net.Config.XmlConfigurator.Configure();
>>             log = 
>> log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMe
>> thod().DeclaringType);
>>
>>         }
>>         catch (Exception e)
>>         {
>>             System.Diagnostics.Debug.Write(e.ToString());
>>         }
>>     }
>>
>>     public static void LogInfo(string information)
>>     {
>>         log.Info(information);
>>     }
>>
>>     public static void LogError(string erroMessage, Exception ex)
>>     {
>>         log.Error(erroMessage, ex);
>>     }
>>
>>     public static void LogWarnings(string warningText)
>>     {
>>         log.Warn(warningText);
>>     }
>>
>>     public static void Fatal(string fatalText)
>>     {
>>         log.Fatal(fatalText);
>>     }
>> }
>>
>> When I call this |Logger|class (|Logger.Fatal("Test");|) in a Full 
>> trust environment, everything works correct. However, when I change 
>> the trust level to High (or Medium) it fails with the following exception:
>>
>> System.Reflection.TargetInvocationException: Exception has been thrown 
>> by the target of an invocation. ---> System.TypeLoadException:
>> Inheritance security rules violated while overriding member:
>> 'log4net.Util.ReadOnlyPropertiesDictionary.GetObjectData(System.Runtim
>> e.Serialization.SerializationInfo,
>> System.Runtime.Serialization.StreamingContext)'. Security 
>> accessibility of the overriding method must match the security 
>> accessibility of the method being overriden.
>>    at log4net.Repository.Hierarchy.Hierarchy..ctor(ILoggerFactory
>> loggerFactory)
>>    at log4net.Repository.Hierarchy.Hierarchy..ctor()
>>    --- End of inner exception stack trace ---
>>    at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, 
>> Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, 
>> RuntimeMethodHandleInternal& ctor, Boolean& bNeedSecurityCheck)
>>    at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, 
>> Boolean skipCheckThis, Boolean fillCache)
>>    at System.RuntimeType.CreateInstanceDefaultCtor(Boolean publicOnly, 
>> Boolean skipVisibilityChecks, Boolean skipCheckThis, Boolean fillCache)
>>    at System.Activator.CreateInstance(Type type, Boolean nonPublic)
>>    at log4net.Core.DefaultRepositorySelector.CreateRepository(String
>> repositoryName, Type repositoryType)
>>    at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly
>> repositoryAssembly, Type repositoryType, String repositoryName, 
>> Boolean
>> readAssemblyAttributes)
>>    at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly
>> repositoryAssembly, Type repositoryType)
>>    at log4net.Core.DefaultRepositorySelector.GetRepository(Assembly
>> repositoryAssembly)
>>    at log4net.Core.LoggerManager.GetRepository(Assembly repositoryAssembly)
>>    at log4net.Config.XmlConfigurator.Configure()
>>    at UtilClasses.Logger..cctor() in c:\users\***\documents\visual 
>> studio 2010\Projects\TestLogging\TestLogging\Default.aspx.cs:line 35
>>
>> When I include the log4net project to the solution, I get the 
>> exception when creating an instance of the default LogRepository:
>>
>> rep = (ILoggerRepository)Activator.CreateInstance(repositoryType); on 
>> line 412of DefaultRepositorySelector.cs
>>
>> this is my web.config:
>>
>> <?xml version="1.0"?>
>>
>> <configuration>
>>
>>   <configSections>
>>     <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler, log4net" />
>>   </configSections>
>>   <system.web>
>>     <compilation debug="true" targetFramework="4.0" />
>>     <trust level="High" />
>>   </system.web>
>>   <log4net debug="true">
>>     <appender name="RollingFileAppender" type="log4net.Appender.RollingFileAppender">
>>       <file value="logfile.txt" />
>>       <appendToFile value="true" />
>>       <rollingStyle value="Date" />
>>       <datePattern value="yyyy-MM-dd" />
>>       <layout type="log4net.Layout.PatternLayout">
>>         <conversionPattern value="%date{dd-MM-yyyy HH:mm:ss,fff} [%-2p] - %C.%M - %m%n" />
>>       </layout>
>>
>>     </appender>
>>
>>     <root>
>>       <level value="ALL" />
>>       <appender-ref ref="RollingFileAppender" />
>>     </root>
>>   </log4net>
>>   <system.webServer>
>>      <modules runAllManagedModulesForAllRequests="true"/>
>>   </system.webServer>
>> </configuration>
>>
>> Other people suggest to add requirePermission=”false”to the section, 
>> but then the debugger won’t attach to the application pool.
>>
>> I hope someone can help me out of this problem.
>>
>> Regards,
>>
>> Dennis Minderhoud
>>

--

-- 
http://michelelepri.blogspot.com/
Permalink | Reply |
headers
Stefan Bodewig | 15 May 2012 06:05
Picon
Favicon
Gravatar

Re: [problem founded] Logger not working in an ASP.Net environment only works with full trust

On 2012-05-14, Michele Lepri wrote:

> Should I write in dev-list about it?

Yes, please do.  I'm not sure whether all people who'd be willing to
help are subscribed to this list.

Thanks

        Stefan
Permalink | Reply |

Gmane