Cannot open log Application on machine

Discussion in 'ASP .Net Security' started by Greg, Feb 10, 2006.

  1. Greg

    Greg Guest

    Hi all,

    We want to be able to log to the event log when an error occurs in our web
    parts. Currently we cannot do that under SharePoint because it throws an
    exception.

    Below is the code where is fails:

    EventLog log = new EventLog("Application", ".", "MyThing");
    log.EnableRaisingEvents = true;

    On the second line it throws the following exception:

    - $exception {"Cannot open log Application on machine .. Windows has not
    provided an error code."} System.Exception
    {System.InvalidOperationException}

    The exception contains an inner exception stating "Access denied."

    Running the same code under an ASP.NET 2.0 application with an anonimus user
    access it works fine.

    Here are some facts:
    - We are using windows authendication in the WSS server
    - The users accessing the sharepoint site have domain accounts
    - If I access the SharePoint site with a user that is NOT administrator then
    it fails.
    - For Admins it works fine.
    - The Event log source gets installed by our installer to avoid other
    sequrity problems.

    How can I avoid the exception without having to make all users admins?
    Please help!!!

    Thanks in advance,
    Greg.
    Greg, Feb 10, 2006
    #1
    1. Advertising

  2. Hi,

    1. EnableRaisingEvents - this is used if you are writing a event log listener
    - you usually provide a callback in your application that gets called when
    a new event entry is written - this is NOT needed to write to the event log

    2. The ASP.NET worker process does not have the privileges to create a brand
    new event source - that's where the access denied is coming from

    You have to pre-create the event source and log in, e.g. a console application
    that is run with admin privileges. Afterwards you can write to the EventLog
    with a least privilege account.

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > Hi all,
    >
    > We want to be able to log to the event log when an error occurs in our
    > web parts. Currently we cannot do that under SharePoint because it
    > throws an exception.
    >
    > Below is the code where is fails:
    >
    > EventLog log = new EventLog("Application", ".", "MyThing");
    > log.EnableRaisingEvents = true;
    > On the second line it throws the following exception:
    >
    > - $exception {"Cannot open log Application on machine .. Windows has
    > not provided an error code."} System.Exception
    > {System.InvalidOperationException}
    >
    > The exception contains an inner exception stating "Access denied."
    >
    > Running the same code under an ASP.NET 2.0 application with an
    > anonimus user access it works fine.
    >
    > Here are some facts:
    > - We are using windows authendication in the WSS server
    > - The users accessing the sharepoint site have domain accounts
    > - If I access the SharePoint site with a user that is NOT
    > administrator then
    > it fails.
    > - For Admins it works fine.
    > - The Event log source gets installed by our installer to avoid other
    > sequrity problems.
    > How can I avoid the exception without having to make all users admins?
    > Please help!!!
    >
    > Thanks in advance,
    > Greg.
    Dominick Baier [DevelopMentor], Feb 10, 2006
    #2
    1. Advertising

  3. Greg

    Greg Guest

    Hi Dominic,

    > 2. The ASP.NET worker process does not have the privileges to create a
    > brand new event source - that's where the access denied is coming from


    We do not create a brand new event source. As I said previouslly the event
    source gets installed by
    our instalation program.

    > 1. EnableRaisingEvents - this is used if you are writing a event log
    > listener - you usually provide a callback in your application that gets
    > called when a new event entry is written - this is NOT needed to write to
    > the event log


    I removed the offending line to do with the EnableRaisingEvents. It now
    fails when it actually tries to
    write - log.WriteEntry(.....) - with an exception stating:

    Cannot open log for source 'My event Source'. You may not have write access.

    Any thought please?

    Thanks for your quick reply.
    Greg.
    Greg, Feb 10, 2006
    #3
  4. ah - i remember vaguely that there is a bug in 1.1

    whats the name of your event source? if the 1st is higher than "s" - or something
    comparably obscure...

    also check the ACL on HKLM\System\CurrentControlSet\Services\Eventlog\EventLogName

    does the asp.net process account have sufficient rights?

    what OS?

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > Hi Dominic,
    >
    >> 2. The ASP.NET worker process does not have the privileges to create
    >> a brand new event source - that's where the access denied is coming
    >> from
    >>

    > We do not create a brand new event source. As I said previouslly the
    > event
    > source gets installed by
    > our instalation program.
    >> 1. EnableRaisingEvents - this is used if you are writing a event log
    >> listener - you usually provide a callback in your application that
    >> gets called when a new event entry is written - this is NOT needed to
    >> write to the event log
    >>

    > I removed the offending line to do with the EnableRaisingEvents. It
    > now
    > fails when it actually tries to
    > write - log.WriteEntry(.....) - with an exception stating:
    > Cannot open log for source 'My event Source'. You may not have write
    > access.
    >
    > Any thought please?
    >
    > Thanks for your quick reply.
    > Greg.
    Dominick Baier [DevelopMentor], Feb 10, 2006
    #4
  5. Greg

    Greg Guest


    > whats the name of your event source? if the 1st is higher than "s" - or
    > something
    > comparably obscure...


    The source name is "Metastorm WSS Integration"


    > also check the ACL on
    > HKLM\System\CurrentControlSet\Services\Eventlog\EventLogName
    > does the asp.net process account have sufficient rights?


    It has, otherwise the ASP.NET application running the same code would't be
    able to log at all.
    When I run the same code under SharePoint is where it fails.

    > what OS?


    Windows 2003 SP1

    Thanks,
    Greg.
    Greg, Feb 10, 2006
    #5
  6. what happens if you do a

    new EventLogPermission(PermissionState.Unrestricted).Demand()

    ?
    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    >> whats the name of your event source? if the 1st is higher than "s" -
    >> or
    >> something
    >> comparably obscure...

    > The source name is "Metastorm WSS Integration"
    >
    >> also check the ACL on
    >> HKLM\System\CurrentControlSet\Services\Eventlog\EventLogName does the
    >> asp.net process account have sufficient rights?
    >>

    > It has, otherwise the ASP.NET application running the same code
    > would't be
    > able to log at all.
    > When I run the same code under SharePoint is where it fails.
    >> what OS?
    >>

    > Windows 2003 SP1
    >
    > Thanks,
    > Greg.
    Dominick Baier [DevelopMentor], Feb 10, 2006
    #6
  7. Greg

    Greg Guest

    Hi Dominic,

    I added the code as you asked me just before I do a write like this

    new EventLogPermission(PermissionState.Unrestricted).Demand();
    log.WriteEntry(message, type, (int)eventId, (short)category);

    The Demand method executes sucessfull as it proceeds to the next line
    (log.WriteEntry......) ok.
    When it tries to do log.WriteEntry it then fails with a
    System.InvalidOperationException exception:

    "Cannot open log for source 'Metastorm WSS Integration'. You may not have
    write access."

    The exception contains an Inner Exception of "Access is denied".

    The top 4 entries of the trace stack are:
    System.Diagnostics.EventLog.OpenForWrite(...)
    System.Diagnostics.EventLog.InternalWriteEvent(...)
    System.Diagnostics.EventLog.WriteEntry(...)
    System.Diagnostics.EventLog.WriteEntry(...)

    Many thanks,
    Greg.
    Greg, Feb 13, 2006
    #7
  8. Hi,

    OK - i wanted to make sure that the problem is not CAS related - it must
    be some OS ACL

    does this help?
    http://www.leastprivilege.com/EventLogACLsInWindows2003.aspx

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > Hi Dominic,
    >
    > I added the code as you asked me just before I do a write like this
    >
    > new EventLogPermission(PermissionState.Unrestricted).Demand();
    > log.WriteEntry(message, type, (int)eventId, (short)category);
    > The Demand method executes sucessfull as it proceeds to the next line
    > (log.WriteEntry......) ok.
    > When it tries to do log.WriteEntry it then fails with a
    > System.InvalidOperationException exception:
    > "Cannot open log for source 'Metastorm WSS Integration'. You may not
    > have write access."
    >
    > The exception contains an Inner Exception of "Access is denied".
    >
    > The top 4 entries of the trace stack are:
    > System.Diagnostics.EventLog.OpenForWrite(...)
    > System.Diagnostics.EventLog.InternalWriteEvent(...)
    > System.Diagnostics.EventLog.WriteEntry(...)
    > System.Diagnostics.EventLog.WriteEntry(...)
    > Many thanks,
    > Greg
    Dominick Baier [DevelopMentor], Feb 13, 2006
    #8
  9. Greg

    Greg Guest

    Hi Dominick,

    I had a look at the article yopu suggested.
    I do not think though that the security on the EventLog is relevant as the
    same user can write to event log from an ASP.NET application using the same
    code but cannot when the code is hosted in SharePoint. Both SharePoint and
    the ASP.NET app use windows authendication.

    This is very weird.....

    Many Thanks,
    Greg.
    Greg, Feb 13, 2006
    #9
  10. Greg

    Greg Guest

    I also tried the following...

    The trust lever is set to Full. I also GACed the assembly that does the
    event logging but I still get same problem.

    Please help....
    Greg.
    Greg, Feb 15, 2006
    #10
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Henrik_the_boss
    Replies:
    0
    Views:
    2,627
    Henrik_the_boss
    Nov 5, 2003
  2. =?Utf-8?B?VG9tIFdpbmdlcnQ=?=

    My.Log.Writeexception not writing to Application Event Log.

    =?Utf-8?B?VG9tIFdpbmdlcnQ=?=, Jan 20, 2006, in forum: ASP .Net
    Replies:
    0
    Views:
    2,352
    =?Utf-8?B?VG9tIFdpbmdlcnQ=?=
    Jan 20, 2006
  3. John

    Cannot open log for source

    John, Jan 19, 2005, in forum: ASP .Net Security
    Replies:
    1
    Views:
    288
    Daniel Fisher\(lennybacon\)
    Jan 30, 2005
  4. Cannot open log for source {0} -- again

    , Mar 31, 2005, in forum: ASP .Net Security
    Replies:
    6
    Views:
    199
    Nicole Calinoiu
    Apr 7, 2005
  5. PerlFAQ Server
    Replies:
    0
    Views:
    117
    PerlFAQ Server
    Apr 9, 2011
Loading...

Share This Page