logging-log4net-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dominik Psenner (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (LOG4NET-347) Log4net not working in an ASP.Net environment with medium trust
Date Tue, 12 Feb 2013 15:23:13 GMT

    [ https://issues.apache.org/jira/browse/LOG4NET-347?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13576679#comment-13576679

Dominik Psenner commented on LOG4NET-347:

This looks almost good. According to http://msdn.microsoft.com/en-us/library/system.security.securityruleset(v=vs.100).aspx
this enumeration is available only in .NET 4.0 and .NET 4.5. Did you try if the patch breaks
log4net on Mono, .NET 2.0, 3.0, 3.5? I'm quite sure we can cope those cases with IFDEF's if
> Log4net not working in an ASP.Net environment with medium trust
> ---------------------------------------------------------------
>                 Key: LOG4NET-347
>                 URL: https://issues.apache.org/jira/browse/LOG4NET-347
>             Project: Log4net
>          Issue Type: Bug
>          Components: Core
>         Environment: Asp.Net environment running in medium trust
>            Reporter: Michele Lepri
>         Attachments: log4net-347.patch
> As you know, .net 4 security policy are changed and are a lot more strict.
> First of all, I'm not an expert about .net 4 security =) and I never
> developed web apps for medium trust: this is my fist time.
> The problem is simple: log4net doesn't work in medium trust.
> the exception is thrown by the [SecurityCritical] Attribute of the
> System.Reflection.TargetInvocationException: Exception has been thrown
> "GetObjectData" method of ReadOnlyPropertiesDictionary class.
> by the target of an invocation. ---> System.TypeLoadException:
> Inheritance security rules violated while overriding member:
> 'log4net.Util.ReadOnlyPropertiesDictionary.GetObjectData(System.Runtim
> e.Serialization.SerializationInfo,
> System.Runtime.Serialization.StreamingContext)'. Security
> accessibility of the overriding method must match the security
> accessibility of the method being overriden.
>   at log4net.Repository.Hierarchy.Hierarchy..ctor(ILoggerFactory
> loggerFactory)
>   at log4net.Repository.Hierarchy.Hierarchy..ctor()
>   --- End of inner exception stack trace ---
>   at System.RuntimeTypeHandle.CreateInstance(RuntimeType type,
> Boolean publicOnly, Boolean noCheck, Boolean& canBeCached,
> RuntimeMethodHandleInternal& ctor, Boolean& bNeedSecurityCheck)
>   at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly,
> Boolean skipCheckThis, Boolean fillCache)
>   at System.RuntimeType.CreateInstanceDefaultCtor(Boolean publicOnly,
> Boolean skipVisibilityChecks, Boolean skipCheckThis, Boolean fillCache)
>   at System.Activator.CreateInstance(Type type, Boolean nonPublic)
>   at log4net.Core.DefaultRepositorySelector.CreateRepository(String
> repositoryName, Type repositoryType)
>   at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly
> repositoryAssembly, Type repositoryType, String repositoryName,
> Boolean
> readAssemblyAttributes)
>   at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly
> repositoryAssembly, Type repositoryType)
>   at log4net.Core.DefaultRepositorySelector.GetRepository(Assembly
> repositoryAssembly)
>   at log4net.Core.LoggerManager.GetRepository(Assembly repositoryAssembly)
>   at log4net.Config.XmlConfigurator.Configure()
> [CUT]
> According to this:
> http://msdn.microsoft.com/en-us/library/bb924412.aspx
> Serialization in a partially-trusted application should be done in
> another way ([DataContract] attribute must used, you can't use
> [Serializable] attribute and can't use ISerializable interface to
> control the serialization process.
> I patched log4net in a insane way, but it works now: after removed the
> [Serializable] and the ISerializable interface all work fine, but of
> course i "lose" all the code performed by the implementation of the
> ISerializable interface.
> By the way the log is fine for me now and all I need seem to work.
> To be really onest, i don't know what I should loose doing a thing like
> that..
> Other library (like Ninject) provide a separate build for medium trust
> environment and it works great.
> I think would be really great to have a version like that for log4net.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

View raw message