logging-log4net-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michele Lepri <michele.le...@gmail.com>
Subject Re: [problem founded] Logger not working in an ASP.Net environment only works with full trust
Date Mon, 14 May 2012 18:35:02 GMT
I think I found what .net 4 policy doesn't like..

According to this:
http://msdn.microsoft.com/en-us/library/bb924412.aspx

Serialization in a partially-truste application should be done in
another way ([DataContract] attribute must used, you can't use
[Serializable] attribute and can't use ISerializable interface to
control the serialization process.

After removed the [Serializable] and the ISerializable interface all
work fine, but of course i "loose" all the code performed by the
implementation of the ISerializable interface.
By the way the log is fine for me now and all I need seem to work.

I thinks this need a look from some log4net dev-team guy, because now
log4net is really unusable in a partially trusted environment.

What do you think?
Should I write in dev-list about it?

Thanks and best regards
michele

Il 14/05/2012 10:18, Martin Milan ha scritto:
> Whilst you might not be able to change the security policy, perhaps you could get around
the problem by moving whatever is being written into a different folder that would not fall
afoul of it?
> 
> Martin.
> 
> 
> -----Original Message-----
> From: Michele Lepri [mailto:michele.lepri@gmail.com] 
> Sent: 13 May 2012 19:52
> To: Log4NET User
> Subject: Re: Logger not working in an ASP.Net environment only works with full trust
> 
> Hello all,
> I fall into the same problem: unluckily the advices of Vanitha Venkatasamy in the other
reply don't solve the issue.
> 
> Adding this attribute
> [assembly:
> System.Security.SecurityRules(System.Security.SecurityRuleSet.Level1)]
> 
> like written here:
> http://stackoverflow.com/questions/2279896/log4net-and-net-4-0-rc
> 
> change only the exception in:
> 
> *****
> Description: The application attempted to perform an operation not allowed by the security
policy.  To grant this application the required permission please contact your system administrator
or change the application's trust level in the configuration file.
> 
> Exception Details: System.Security.SecurityException: Request for the permission of type
'System.Security.Permissions.FileIOPermission,
> mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
> *****
> 
> Of course I can't change the security policy.
> 
> The author of the reply say it is related to how Log4Net is written.
> 
> Any idea?
> I have to open a jira issue for this?
> 
> thanks
> michele
> 
> 
> Il 14/03/2012 19:09, Dennis Minderhoud ha scritto:
>> I've made a simple .NET 4 Web Application in VS2010, and added a 
>> reference to log4net 1.2.11.0 (latest).
>>
>> In this project I've made a |Logger| class:
>> public static class Logger
>> {
>>     private static readonly log4net.ILog log;
>>
>>     static Logger()
>>     {
>>         try {
>>             log4net.Config.XmlConfigurator.Configure();
>>             log = 
>> log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMe
>> thod().DeclaringType);
>>
>>         }
>>         catch (Exception e)
>>         {
>>             System.Diagnostics.Debug.Write(e.ToString());
>>         }
>>     }
>>
>>     public static void LogInfo(string information)
>>     {
>>         log.Info(information);
>>     }
>>
>>     public static void LogError(string erroMessage, Exception ex)
>>     {
>>         log.Error(erroMessage, ex);
>>     }
>>
>>     public static void LogWarnings(string warningText)
>>     {
>>         log.Warn(warningText);
>>     }
>>
>>     public static void Fatal(string fatalText)
>>     {
>>         log.Fatal(fatalText);
>>     }
>> }
>>
>> When I call this |Logger|class (|Logger.Fatal("Test");|) in a Full 
>> trust environment, everything works correct. However, when I change 
>> the trust level to High (or Medium) it fails with the following exception:
>>
>> System.Reflection.TargetInvocationException: Exception has been thrown 
>> by the target of an invocation. ---> System.TypeLoadException:
>> Inheritance security rules violated while overriding member:
>> 'log4net.Util.ReadOnlyPropertiesDictionary.GetObjectData(System.Runtim
>> e.Serialization.SerializationInfo,
>> System.Runtime.Serialization.StreamingContext)'. Security 
>> accessibility of the overriding method must match the security 
>> accessibility of the method being overriden.
>>    at log4net.Repository.Hierarchy.Hierarchy..ctor(ILoggerFactory
>> loggerFactory)
>>    at log4net.Repository.Hierarchy.Hierarchy..ctor()
>>    --- End of inner exception stack trace ---
>>    at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, 
>> Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, 
>> RuntimeMethodHandleInternal& ctor, Boolean& bNeedSecurityCheck)
>>    at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, 
>> Boolean skipCheckThis, Boolean fillCache)
>>    at System.RuntimeType.CreateInstanceDefaultCtor(Boolean publicOnly, 
>> Boolean skipVisibilityChecks, Boolean skipCheckThis, Boolean fillCache)
>>    at System.Activator.CreateInstance(Type type, Boolean nonPublic)
>>    at log4net.Core.DefaultRepositorySelector.CreateRepository(String
>> repositoryName, Type repositoryType)
>>    at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly
>> repositoryAssembly, Type repositoryType, String repositoryName, 
>> Boolean
>> readAssemblyAttributes)
>>    at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly
>> repositoryAssembly, Type repositoryType)
>>    at log4net.Core.DefaultRepositorySelector.GetRepository(Assembly
>> repositoryAssembly)
>>    at log4net.Core.LoggerManager.GetRepository(Assembly repositoryAssembly)
>>    at log4net.Config.XmlConfigurator.Configure()
>>    at UtilClasses.Logger..cctor() in c:\users\***\documents\visual 
>> studio 2010\Projects\TestLogging\TestLogging\Default.aspx.cs:line 35
>>
>> When I include the log4net project to the solution, I get the 
>> exception when creating an instance of the default LogRepository:
>>
>> rep = (ILoggerRepository)Activator.CreateInstance(repositoryType); on 
>> line 412of DefaultRepositorySelector.cs
>>
>> this is my web.config:
>>
>> <?xml version="1.0"?>
>>
>> <configuration>
>>
>>   <configSections>
>>     <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler,
log4net" />
>>   </configSections>
>>   <system.web>
>>     <compilation debug="true" targetFramework="4.0" />
>>     <trust level="High" />
>>   </system.web>
>>   <log4net debug="true">
>>     <appender name="RollingFileAppender" type="log4net.Appender.RollingFileAppender">
>>       <file value="logfile.txt" />
>>       <appendToFile value="true" />
>>       <rollingStyle value="Date" />
>>       <datePattern value="yyyy-MM-dd" />
>>       <layout type="log4net.Layout.PatternLayout">
>>         <conversionPattern value="%date{dd-MM-yyyy HH:mm:ss,fff} [%-2p] - %C.%M
- %m%n" />
>>       </layout>
>>
>>     </appender>
>>
>>     <root>
>>       <level value="ALL" />
>>       <appender-ref ref="RollingFileAppender" />
>>     </root>
>>   </log4net>
>>   <system.webServer>
>>      <modules runAllManagedModulesForAllRequests="true"/>
>>   </system.webServer>
>> </configuration>
>>
>> Other people suggest to add requirePermission=”false”to the section, 
>> but then the debugger won’t attach to the application pool.
>>
>> I hope someone can help me out of this problem.
>>
>> Regards,
>>
>> Dennis Minderhoud
>>

-- 
http://michelelepri.blogspot.com/

Mime
View raw message