logging-log4net-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Arnott (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (LOG4NET-347) Log4net not working in an ASP.Net environment with medium trust
Date Thu, 14 Mar 2013 14:14:12 GMT

    [ https://issues.apache.org/jira/browse/LOG4NET-347?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13602299#comment-13602299
] 

Andrew Arnott commented on LOG4NET-347:
---------------------------------------

Thanks for going to the trouble of your survey, Dominik. 
What would you suggest for testing prior to closing the issue? If it's .NET 4.x, I had already
tested my private build before submitting the fix. If it's any other platform we need to verify
on, I don't have a computer with those platforms installed to test on, nor the experience
in building log4net for those platforms.
                
> Log4net not working in an ASP.Net environment with medium trust
> ---------------------------------------------------------------
>
>                 Key: LOG4NET-347
>                 URL: https://issues.apache.org/jira/browse/LOG4NET-347
>             Project: Log4net
>          Issue Type: Bug
>          Components: Core
>         Environment: Asp.Net environment running in medium trust
>            Reporter: Michele Lepri
>            Assignee: Dominik Psenner
>             Fix For: 1.2.12
>
>         Attachments: log4net-347.patch
>
>
> As you know, .net 4 security policy are changed and are a lot more strict.
> First of all, I'm not an expert about .net 4 security =) and I never
> developed web apps for medium trust: this is my fist time.
> The problem is simple: log4net doesn't work in medium trust.
> the exception is thrown by the [SecurityCritical] Attribute of the
> System.Reflection.TargetInvocationException: Exception has been thrown
> "GetObjectData" method of ReadOnlyPropertiesDictionary class.
> by the target of an invocation. ---> System.TypeLoadException:
> Inheritance security rules violated while overriding member:
> 'log4net.Util.ReadOnlyPropertiesDictionary.GetObjectData(System.Runtim
> e.Serialization.SerializationInfo,
> System.Runtime.Serialization.StreamingContext)'. Security
> accessibility of the overriding method must match the security
> accessibility of the method being overriden.
>   at log4net.Repository.Hierarchy.Hierarchy..ctor(ILoggerFactory
> loggerFactory)
>   at log4net.Repository.Hierarchy.Hierarchy..ctor()
>   --- End of inner exception stack trace ---
>   at System.RuntimeTypeHandle.CreateInstance(RuntimeType type,
> Boolean publicOnly, Boolean noCheck, Boolean& canBeCached,
> RuntimeMethodHandleInternal& ctor, Boolean& bNeedSecurityCheck)
>   at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly,
> Boolean skipCheckThis, Boolean fillCache)
>   at System.RuntimeType.CreateInstanceDefaultCtor(Boolean publicOnly,
> Boolean skipVisibilityChecks, Boolean skipCheckThis, Boolean fillCache)
>   at System.Activator.CreateInstance(Type type, Boolean nonPublic)
>   at log4net.Core.DefaultRepositorySelector.CreateRepository(String
> repositoryName, Type repositoryType)
>   at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly
> repositoryAssembly, Type repositoryType, String repositoryName,
> Boolean
> readAssemblyAttributes)
>   at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly
> repositoryAssembly, Type repositoryType)
>   at log4net.Core.DefaultRepositorySelector.GetRepository(Assembly
> repositoryAssembly)
>   at log4net.Core.LoggerManager.GetRepository(Assembly repositoryAssembly)
>   at log4net.Config.XmlConfigurator.Configure()
> [CUT]
> According to this:
> http://msdn.microsoft.com/en-us/library/bb924412.aspx
> Serialization in a partially-trusted application should be done in
> another way ([DataContract] attribute must used, you can't use
> [Serializable] attribute and can't use ISerializable interface to
> control the serialization process.
> I patched log4net in a insane way, but it works now: after removed the
> [Serializable] and the ISerializable interface all work fine, but of
> course i "lose" all the code performed by the implementation of the
> ISerializable interface.
> By the way the log is fine for me now and all I need seem to work.
> To be really onest, i don't know what I should loose doing a thing like
> that..
> Other library (like Ninject) provide a separate build for medium trust
> environment and it works great.
> I think would be really great to have a version like that for log4net.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message