An unhandled exception of type 'System.Security.SecurityException' occurred in mscorlib.dll Addition

Discussion in 'ASP .Net' started by Ankit Aneja, Apr 5, 2006.

  1. Ankit Aneja

    Ankit Aneja Guest

    This is my problem. I am using Visual 2003, .Net framework 1.1 and the
    Application Block
    I configured the DAAB using the Enterprise Library Configuration

    now this is the error which is coming



    Security Exception
    Description: The application attempted to perform an operation not allowed
    by the security policy. To grant this application the required permission
    please contact your system administrator or change the application's trust
    level in the configuration file.

    Exception Details: System.Security.SecurityException: Requested registry
    access is not allowed.

    Source Error:




    An unhandled exception was generated during the execution of the current web
    request. Information regarding the origin and location of the exception can
    be identified using the exception stack trace below.

    Stack Trace:


    [SecurityException: Requested registry access is not allowed.]
    Microsoft.Win32.RegistryKey.OpenSubKey(String name, Boolean writable) +473
    System.Diagnostics.EventLog.FindSourceRegistration(String source, String
    machineName, Boolean readOnly)
    System.Diagnostics.EventLog.SourceExists(String source, String machineName)
    System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType
    type, Int32 eventID, Int16 category, Byte[] rawData)
    System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType
    type, Int32 eventID, Int16 category)
    System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType
    type, Int32 eventID)
    System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType
    type)
    Microsoft.Practices.EnterpriseLibrary.Common.Instrumentation.PerformanceCounte
    rInstances.ReportCounterFailure(String message)
    Microsoft.Practices.EnterpriseLibrary.Common.Instrumentation.PerformanceCounte
    rInstances..ctor(String categoryName, String counterName, Boolean
    createNewInstance)
    Microsoft.Practices.EnterpriseLibrary.Common.Instrumentation.InstrumentedEvent
    ..AddPerformanceCounter(String category, String[] counterNames, Boolean
    createNewInstance)
    Microsoft.Practices.EnterpriseLibrary.Common.Instrumentation.InstrumentedEvent
    ..Initialize(String counterCategory, String[] counterNames, Boolean
    createNewInstance, String eventLogSource, EventLogIdentifier[] eventIds)
    Microsoft.Practices.EnterpriseLibrary.Common.Instrumentation.InstrumentedEvent
    ...ctor(String counterCategory, String[] counterNames, Boolean
    createNewInstance)
    Microsoft.Practices.EnterpriseLibrary.Data.Instrumentation.DataServiceEvent..c
    tor(String[] counterNames)
    Microsoft.Practices.EnterpriseLibrary.Data.Instrumentation.DataCommandFailedEv
    ent..ctor(String[] counterNames)
    Microsoft.Practices.EnterpriseLibrary.Data.Instrumentation.DataCommandFailedEv
    ent..cctor()
    Ankit Aneja, Apr 5, 2006
    #1
    1. Advertising

  2. Hi Ankit,

    Thank you for posting.

    From your description, I understand that you have an ASP.NET web
    application which use the enterprise library and DAAB. However, at runtime,
    you're encountering some System.SecurityException, correct?

    Based on the error message and callstack, the exception occured when the
    code try accessing certain windows registry entry. So this is a security
    permission problem. I suggest you try the following steps first:

    1. Change your ASP.NET application's process idenitity to LOCAL SYSTEM and
    run it to see whether the problem still occurs. If still occurs, that means
    this is not a raw windows security issue, but a .NET code access security
    issue. If the problem go away, we need to check the original process
    identity's windows permission to the registry.

    2. If we've confirmed that this is a .NET CAS issue through #1, we need to
    check our asp.net application's Trust Level first, is your ASP.NET
    application running under "Full" trustlevel? The trust level can be
    configured in the web.config(or machine.config) through the <trust> element:

    #trust Element (ASP.NET Settings Schema)
    http://msdn2.microsoft.com/en-us/library/tkscy493(VS.80).aspx

    If the original value is not set as "Full" , you can manually set the
    application's Trust level to "Full", like below:

    <trust
    level="Full"
    />


    After that, test the application again to see whether it can run
    correctly(access the registry correctly).

    Hope this helps.

    Regards,

    Steven Cheng
    Microsoft Online Community Support


    ==================================================

    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.

    ==================================================


    This posting is provided "AS IS" with no warranties, and confers no rights.



    Get Secure! www.microsoft.com/security
    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)
    Steven Cheng[MSFT], Apr 6, 2006
    #2
    1. Advertising

  3. Ankit Aneja

    Ankit Aneja Guest

    can u give me steps how i will perform the first step
    code id running fine on other system
    "Steven Cheng[MSFT]" <> wrote in message
    news:...
    > Hi Ankit,
    >
    > Thank you for posting.
    >
    > From your description, I understand that you have an ASP.NET web
    > application which use the enterprise library and DAAB. However, at
    > runtime,
    > you're encountering some System.SecurityException, correct?
    >
    > Based on the error message and callstack, the exception occured when the
    > code try accessing certain windows registry entry. So this is a security
    > permission problem. I suggest you try the following steps first:
    >
    > 1. Change your ASP.NET application's process idenitity to LOCAL SYSTEM and
    > run it to see whether the problem still occurs. If still occurs, that
    > means
    > this is not a raw windows security issue, but a .NET code access security
    > issue. If the problem go away, we need to check the original process
    > identity's windows permission to the registry.
    >
    > 2. If we've confirmed that this is a .NET CAS issue through #1, we need to
    > check our asp.net application's Trust Level first, is your ASP.NET
    > application running under "Full" trustlevel? The trust level can be
    > configured in the web.config(or machine.config) through the <trust>
    > element:
    >
    > #trust Element (ASP.NET Settings Schema)
    > http://msdn2.microsoft.com/en-us/library/tkscy493(VS.80).aspx
    >
    > If the original value is not set as "Full" , you can manually set the
    > application's Trust level to "Full", like below:
    >
    > <trust
    > level="Full"
    > />
    >
    >
    > After that, test the application again to see whether it can run
    > correctly(access the registry correctly).
    >
    > Hope this helps.
    >
    > Regards,
    >
    > Steven Cheng
    > Microsoft Online Community Support
    >
    >
    > ==================================================
    >
    > When responding to posts, please "Reply to Group" via your newsreader so
    > that others may learn and benefit from your issue.
    >
    > ==================================================
    >
    >
    > This posting is provided "AS IS" with no warranties, and confers no
    > rights.
    >
    >
    >
    > Get Secure! www.microsoft.com/security
    > (This posting is provided "AS IS", with no warranties, and confers no
    > rights.)
    >
    >
    >
    >
    >
    >
    >
    Ankit Aneja, Apr 6, 2006
    #3
  4. Ankit Aneja

    Ankit Aneja Guest

    i also tried this line
    <identity impersonate="false" />
    in web.comfig but doesn't work

    "Steven Cheng[MSFT]" <> wrote in message
    news:...
    > Hi Ankit,
    >
    > Thank you for posting.
    >
    > From your description, I understand that you have an ASP.NET web
    > application which use the enterprise library and DAAB. However, at
    > runtime,
    > you're encountering some System.SecurityException, correct?
    >
    > Based on the error message and callstack, the exception occured when the
    > code try accessing certain windows registry entry. So this is a security
    > permission problem. I suggest you try the following steps first:
    >
    > 1. Change your ASP.NET application's process idenitity to LOCAL SYSTEM and
    > run it to see whether the problem still occurs. If still occurs, that
    > means
    > this is not a raw windows security issue, but a .NET code access security
    > issue. If the problem go away, we need to check the original process
    > identity's windows permission to the registry.
    >
    > 2. If we've confirmed that this is a .NET CAS issue through #1, we need to
    > check our asp.net application's Trust Level first, is your ASP.NET
    > application running under "Full" trustlevel? The trust level can be
    > configured in the web.config(or machine.config) through the <trust>
    > element:
    >
    > #trust Element (ASP.NET Settings Schema)
    > http://msdn2.microsoft.com/en-us/library/tkscy493(VS.80).aspx
    >
    > If the original value is not set as "Full" , you can manually set the
    > application's Trust level to "Full", like below:
    >
    > <trust
    > level="Full"
    > />
    >
    >
    > After that, test the application again to see whether it can run
    > correctly(access the registry correctly).
    >
    > Hope this helps.
    >
    > Regards,
    >
    > Steven Cheng
    > Microsoft Online Community Support
    >
    >
    > ==================================================
    >
    > When responding to posts, please "Reply to Group" via your newsreader so
    > that others may learn and benefit from your issue.
    >
    > ==================================================
    >
    >
    > This posting is provided "AS IS" with no warranties, and confers no
    > rights.
    >
    >
    >
    > Get Secure! www.microsoft.com/security
    > (This posting is provided "AS IS", with no warranties, and confers no
    > rights.)
    >
    >
    >
    >
    >
    >
    >
    Ankit Aneja, Apr 6, 2006
    #4
  5. Re: An unhandled exception of type 'System.Security.SecurityException'

    Ankit Aneja wrote:
    > This is my problem. I am using Visual 2003, .Net framework 1.1 and the
    > Application Block
    > I configured the DAAB using the Enterprise Library Configuration
    >
    > now this is the error which is coming
    >
    >
    >
    > Security Exception
    > Description: The application attempted to perform an operation not allowed
    > by the security policy. To grant this application the required permission
    > please contact your system administrator or change the application's trust
    > level in the configuration file.
    >
    > Exception Details: System.Security.SecurityException: Requested registry
    > access is not allowed.
    >
    > Source Error:
    >
    >
    >
    >
    > An unhandled exception was generated during the execution of the current web
    > request. Information regarding the origin and location of the exception can
    > be identified using the exception stack trace below.
    >
    > Stack Trace:
    >
    >
    > [SecurityException: Requested registry access is not allowed.]
    > Microsoft.Win32.RegistryKey.OpenSubKey(String name, Boolean writable) +473
    > System.Diagnostics.EventLog.FindSourceRegistration(String source, String
    > machineName, Boolean readOnly)
    > System.Diagnostics.EventLog.SourceExists(String source, String machineName)
    > System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType
    > type, Int32 eventID, Int16 category, Byte[] rawData)
    > System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType
    > type, Int32 eventID, Int16 category)
    > System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType
    > type, Int32 eventID)
    > System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType
    > type)
    > Microsoft.Practices.EnterpriseLibrary.Common.Instrumentation.PerformanceCounte
    > rInstances.ReportCounterFailure(String message)
    > Microsoft.Practices.EnterpriseLibrary.Common.Instrumentation.PerformanceCounte
    > rInstances..ctor(String categoryName, String counterName, Boolean
    > createNewInstance)
    > Microsoft.Practices.EnterpriseLibrary.Common.Instrumentation.InstrumentedEvent
    > .AddPerformanceCounter(String category, String[] counterNames, Boolean
    > createNewInstance)
    > Microsoft.Practices.EnterpriseLibrary.Common.Instrumentation.InstrumentedEvent
    > .Initialize(String counterCategory, String[] counterNames, Boolean
    > createNewInstance, String eventLogSource, EventLogIdentifier[] eventIds)
    > Microsoft.Practices.EnterpriseLibrary.Common.Instrumentation.InstrumentedEvent
    > ..ctor(String counterCategory, String[] counterNames, Boolean
    > createNewInstance)
    > Microsoft.Practices.EnterpriseLibrary.Data.Instrumentation.DataServiceEvent..c
    > tor(String[] counterNames)
    > Microsoft.Practices.EnterpriseLibrary.Data.Instrumentation.DataCommandFailedEv
    > ent..ctor(String[] counterNames)
    > Microsoft.Practices.EnterpriseLibrary.Data.Instrumentation.DataCommandFailedEv
    > ent..cctor()
    >
    >

    hey Ankit,
    this is the problem of registry settings in Enterprise Library.
    Just run the batch file of "Install Services" provided in the Enterprise
    Library. I hope it may solve ur problem.


    Regards,
    Sandeep
    Sandeep Singh, Apr 6, 2006
    #5
  6. Thanks for your response Ankit,

    What's your webserver's OS version and is it using IIS5 or IIS6? As for
    the step1 I mentioned before, it depend on the IIS server your application
    running against. For IIS 5, it use the ASP.NET processModel, you can change
    ASP.NET process idenitity through the <processModel> element in the
    machine.config file. For IIS6, it by default use applicationPool model, so
    you can just configure your ASP.NET application(virutal dir)'s application
    pool's idenitity account. Change the account to LocalSystem and test it to
    see whether it works

    for IIS5
    #<processModel> Element
    http://msdn.microsoft.com/library/en-us/cpgenref/html/gngrfprocessmodelsecti
    on.asp?frame=true


    for IIS6
    #Identity Application Pool Settings
    http://msdn.microsoft.com/library/en-us/cpguide/html/cpconidentityapplicatio
    npoolsettings.asp?frame=true

    if change process idenitity to run under LOCALSYSTEM not work, you should
    check the .NET CAS setting as I mentioned in step2:

    #ASP.NET Trust Levels and Policy Files
    http://msdn.microsoft.com/library/en-us/cpguide/html/cpconaspnettrustlevelsp
    olicyfiles.asp?frame=true


    Regards,

    Steven Cheng
    Microsoft Online Community Support


    ==================================================

    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.

    ==================================================


    This posting is provided "AS IS" with no warranties, and confers no rights.



    Get Secure! www.microsoft.com/security
    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)
    Steven Cheng[MSFT], Apr 6, 2006
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Lee Simpson
    Replies:
    0
    Views:
    1,572
    Lee Simpson
    Jul 18, 2003
  2. NicK chlam via DotNetMonster.com
    Replies:
    0
    Views:
    4,861
    NicK chlam via DotNetMonster.com
    Mar 21, 2005
  3. roopsd
    Replies:
    0
    Views:
    1,707
    roopsd
    Aug 14, 2006
  4. Warren Tang
    Replies:
    1
    Views:
    879
    Warren Tang
    Sep 23, 2008
  5. Leyla
    Replies:
    2
    Views:
    679
    Leyla
    Aug 17, 2006
Loading...

Share This Page