"Requested registry access is not allowed" and Web Service call

C

Clint

Hey all -

I'm having a really confusing problem concerning a web service. Right
now, I have an application that needs to call a web service that does
nothing but return "true" (this will obviously change once the
program's fully built to actually do something, but for testing, it
works).

The only code I added to the service is below:
[WebMethod (EnableSession=true)]
public bool PerformHandshake(string hashedValue)
{
return true;
}

Whenever this method is called from my desktop app (running as me, a
local admin), it works fine. When I call the web service as a
restricted account (by impersonating using
System.Security.Principal.WindowsIdentity.Impersonate()), I get the
following large exception:

General Information
*****
Additional Info:
ExceptionManager.MachineName: <<My machine name>>
ExceptionManager.TimeStamp: 12/13/2004 9:44:23 AM
ExceptionManager.FullName:
Microsoft.ApplicationBlocks.ExceptionManagement,
Version=1.0.1760.29811, Culture=neutral, PublicKeyToken=null
ExceptionManager.AppDomainName: Journals.exe
ExceptionManager.ThreadIdentity:
ExceptionManager.WindowsIdentity: <<correct domain\correct user
account>>

1) Exception Information
*****
Exception Type: System.Configuration.ConfigurationException
Message: Exception in configuration section handler
(c:\windows\microsoft.net\framework\v1.1.4322\Config\machine.config
line 74)
BareMessage: Exception in configuration section handler
Filename:
c:\windows\microsoft.net\framework\v1.1.4322\Config\machine.config
Line: 74
TargetSite: System.Object
EvaluateRecursive(System.Configuration.IConfigurationSectionHandler,
System.Object, System.String[], Int32, System.Xml.XmlTextReader)
HelpLink: NULL
Source: System

StackTrace Information
*****
at
System.Configuration.ConfigurationRecord.EvaluateRecursive(IConfigurationSectionHandler
factory, Object config, String[] keys, Int32 iKey, XmlTextReader
reader)
at
System.Configuration.ConfigurationRecord.EvaluateRecursive(IConfigurationSectionHandler
factory, Object config, String[] keys, Int32 iKey, XmlTextReader
reader)
at System.Configuration.ConfigurationRecord.Evaluate(String
configKey)
at System.Configuration.ConfigurationRecord.ResolveConfig(String
configKey)
at System.Configuration.ConfigurationRecord.GetConfig(String
configKey)
at System.Configuration.ConfigurationRecord.ResolveConfig(String
configKey)
at System.Configuration.ConfigurationRecord.GetConfig(String
configKey)
at
System.Configuration.DefaultConfigurationSystem.System.Configuration.IConfigurationSystem.GetConfig(String
configKey)
at System.Configuration.ConfigurationSettings.GetConfig(String
sectionName)
at System.Net.GlobalProxySelection.get_SelectInternal()
at System.Net.HttpWebRequest..ctor(Uri uri)
at System.Net.HttpRequestCreator.Create(Uri Uri)
at System.Net.WebRequest.Create(Uri requestUri, Boolean useUriBase)
at System.Net.WebRequest.Create(Uri requestUri)
at System.Web.Services.Protocols.WebClientProtocol.GetWebRequest(Uri
uri)
at
System.Web.Services.Protocols.HttpWebClientProtocol.GetWebRequest(Uri
uri)
at
System.Web.Services.Protocols.SoapHttpClientProtocol.GetWebRequest(Uri
uri)
at
System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters)
at Journals.BAL.<svr>.FSConnect.PerformHandshake(String hashedValue)
in C:\Visual Studio Projects\C# Projects\Journal Automation
System\Journals.BAL\Web References\<svr>\Reference.cs:line 38
at Journals.BAL.Posting.PostJournalSet(Int32 JournalSet_ID, String
NewOwnerUserName, String Comment) in c:\visual studio projects\c#
projects\journal automation system\journals.bal2\posting.cs:line 298
at Journals.Common.Posting.transfer_TransferOk(Object sender,
TransferOkEventArgs e) in c:\visual studio projects\c# projects\journal
automation system\journals\common\posting.cs:line 174
at Journals.frmTransferOwnership.OnTransferOk(TransferOkEventArgs e)
in c:\visual studio projects\c# projects\journal automation
system\journals\forms\frmtransferownership.cs:line 46
at Journals.frmTransferOwnership.btnSend_Click(Object sender,
EventArgs e) in c:\visual studio projects\c# projects\journal
automation system\journals\forms\frmtransferownership.cs:line 276
at System.Windows.Forms.Control.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)
at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons
button, Int32 clicks)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ButtonBase.WndProc(Message& m)
at System.Windows.Forms.Button.WndProc(Message& m)
at System.Windows.Forms.ControlNativeWindow.OnMessage(Message& m)
at System.Windows.Forms.ControlNativeWindow.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32
msg, IntPtr wparam, IntPtr lparam)

2) Exception Information
*****
Exception Type: System.Security.SecurityException
PermissionType: NULL
PermissionState: NULL
GrantedSet: NULL
RefusedSet: NULL
Message: Requested registry access is not allowed.
TargetSite: Microsoft.Win32.RegistryKey OpenSubKey(System.String,
Boolean)
HelpLink: NULL
Source: mscorlib

StackTrace Information
*****
at Microsoft.Win32.RegistryKey.OpenSubKey(String name, Boolean
writable)
at Microsoft.Win32.RegistryKey.OpenSubKey(String name)
at System.Net.ProxyRegBlob.ReadRegSettings()
at System.Net.ProxyRegBlob.ReadRegSettings()
at System.Net.ProxyRegBlob.GetIEProxy()
at System.Net.Configuration.DefaultProxyHandler.Create(Object
parent, Object configContext, XmlNode section)
at
System.Configuration.ConfigurationRecord.EvaluateRecursive(IConfigurationSectionHandler
factory, Object config, String[] keys, Int32 iKey, XmlTextReader
reader)

**************************************************************

Now, the exception that stands out is the Registry exception ... but
nowhere in my application am I accessing the registry.

Does anyone have any ideas as to what might be happening, and how to
resolve it?

Thanks!
Clint
 
N

Nicole Calinoiu

Clint,

Take a look at the following key in your machine.config file:
configuration\system.net\defaultProxy\proxy. It is most likely set to use
the system default proxy. If this is the case, the proxy settings will be
read out of the following registry key:
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Connections.

When you impersonate, the HKCU hive will not be populated with the data for
the impersonated user. Instead, the hive remains as previously populated
for the logged on user. In your case, the impersonated user would appear
not to have permissions to read the necessary subkey from HKCU.

You should not need to modify your machine.config file in order to work
around the problem. Instead, you should be able to override the
defaultProxy setting via your application's config file.

HTH,
Nicole



Clint said:
Hey all -

I'm having a really confusing problem concerning a web service. Right
now, I have an application that needs to call a web service that does
nothing but return "true" (this will obviously change once the
program's fully built to actually do something, but for testing, it
works).

The only code I added to the service is below:
[WebMethod (EnableSession=true)]
public bool PerformHandshake(string hashedValue)
{
return true;
}

Whenever this method is called from my desktop app (running as me, a
local admin), it works fine. When I call the web service as a
restricted account (by impersonating using
System.Security.Principal.WindowsIdentity.Impersonate()), I get the
following large exception:

General Information
*****
Additional Info:
ExceptionManager.MachineName: <<My machine name>>
ExceptionManager.TimeStamp: 12/13/2004 9:44:23 AM
ExceptionManager.FullName:
Microsoft.ApplicationBlocks.ExceptionManagement,
Version=1.0.1760.29811, Culture=neutral, PublicKeyToken=null
ExceptionManager.AppDomainName: Journals.exe
ExceptionManager.ThreadIdentity:
ExceptionManager.WindowsIdentity: <<correct domain\correct user
account>>

1) Exception Information
*****
Exception Type: System.Configuration.ConfigurationException
Message: Exception in configuration section handler
(c:\windows\microsoft.net\framework\v1.1.4322\Config\machine.config
line 74)
BareMessage: Exception in configuration section handler
Filename:
c:\windows\microsoft.net\framework\v1.1.4322\Config\machine.config
Line: 74
TargetSite: System.Object
EvaluateRecursive(System.Configuration.IConfigurationSectionHandler,
System.Object, System.String[], Int32, System.Xml.XmlTextReader)
HelpLink: NULL
Source: System

StackTrace Information
*****
at
System.Configuration.ConfigurationRecord.EvaluateRecursive(IConfigurationSectionHandler
factory, Object config, String[] keys, Int32 iKey, XmlTextReader
reader)
at
System.Configuration.ConfigurationRecord.EvaluateRecursive(IConfigurationSectionHandler
factory, Object config, String[] keys, Int32 iKey, XmlTextReader
reader)
at System.Configuration.ConfigurationRecord.Evaluate(String
configKey)
at System.Configuration.ConfigurationRecord.ResolveConfig(String
configKey)
at System.Configuration.ConfigurationRecord.GetConfig(String
configKey)
at System.Configuration.ConfigurationRecord.ResolveConfig(String
configKey)
at System.Configuration.ConfigurationRecord.GetConfig(String
configKey)
at
System.Configuration.DefaultConfigurationSystem.System.Configuration.IConfigurationSystem.GetConfig(String
configKey)
at System.Configuration.ConfigurationSettings.GetConfig(String
sectionName)
at System.Net.GlobalProxySelection.get_SelectInternal()
at System.Net.HttpWebRequest..ctor(Uri uri)
at System.Net.HttpRequestCreator.Create(Uri Uri)
at System.Net.WebRequest.Create(Uri requestUri, Boolean useUriBase)
at System.Net.WebRequest.Create(Uri requestUri)
at System.Web.Services.Protocols.WebClientProtocol.GetWebRequest(Uri
uri)
at
System.Web.Services.Protocols.HttpWebClientProtocol.GetWebRequest(Uri
uri)
at
System.Web.Services.Protocols.SoapHttpClientProtocol.GetWebRequest(Uri
uri)
at
System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters)
at Journals.BAL.<svr>.FSConnect.PerformHandshake(String hashedValue)
in C:\Visual Studio Projects\C# Projects\Journal Automation
System\Journals.BAL\Web References\<svr>\Reference.cs:line 38
at Journals.BAL.Posting.PostJournalSet(Int32 JournalSet_ID, String
NewOwnerUserName, String Comment) in c:\visual studio projects\c#
projects\journal automation system\journals.bal2\posting.cs:line 298
at Journals.Common.Posting.transfer_TransferOk(Object sender,
TransferOkEventArgs e) in c:\visual studio projects\c# projects\journal
automation system\journals\common\posting.cs:line 174
at Journals.frmTransferOwnership.OnTransferOk(TransferOkEventArgs e)
in c:\visual studio projects\c# projects\journal automation
system\journals\forms\frmtransferownership.cs:line 46
at Journals.frmTransferOwnership.btnSend_Click(Object sender,
EventArgs e) in c:\visual studio projects\c# projects\journal
automation system\journals\forms\frmtransferownership.cs:line 276
at System.Windows.Forms.Control.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)
at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons
button, Int32 clicks)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ButtonBase.WndProc(Message& m)
at System.Windows.Forms.Button.WndProc(Message& m)
at System.Windows.Forms.ControlNativeWindow.OnMessage(Message& m)
at System.Windows.Forms.ControlNativeWindow.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32
msg, IntPtr wparam, IntPtr lparam)

2) Exception Information
*****
Exception Type: System.Security.SecurityException
PermissionType: NULL
PermissionState: NULL
GrantedSet: NULL
RefusedSet: NULL
Message: Requested registry access is not allowed.
TargetSite: Microsoft.Win32.RegistryKey OpenSubKey(System.String,
Boolean)
HelpLink: NULL
Source: mscorlib

StackTrace Information
*****
at Microsoft.Win32.RegistryKey.OpenSubKey(String name, Boolean
writable)
at Microsoft.Win32.RegistryKey.OpenSubKey(String name)
at System.Net.ProxyRegBlob.ReadRegSettings()
at System.Net.ProxyRegBlob.ReadRegSettings()
at System.Net.ProxyRegBlob.GetIEProxy()
at System.Net.Configuration.DefaultProxyHandler.Create(Object
parent, Object configContext, XmlNode section)
at
System.Configuration.ConfigurationRecord.EvaluateRecursive(IConfigurationSectionHandler
factory, Object config, String[] keys, Int32 iKey, XmlTextReader
reader)

**************************************************************

Now, the exception that stands out is the Registry exception ... but
nowhere in my application am I accessing the registry.

Does anyone have any ideas as to what might be happening, and how to
resolve it?

Thanks!
Clint
 
C

Clint

Hi Nicole -

That sounds exactly like whats going on. I added the following to my
App.config file:

<configuration>
<system.net>
<defaultProxy>
<proxy
usesystemdefault="false"
proxyaddress="http://proxyserver:80"
bypassonlocal="true"
/>
</defaultProxy>
</system.net>
</configuration>

And still managed to get the same error. Now, I know
http://proxyserver:80 won't work as it doesn't exist, but I figured a
separate message would've appeared. It almost seems as if the new
settings aren't overriding those in Machine.config.
Any ideas?
Thanks!
Clint
 
C

Clint

Hi Nicole -

That sounds exactly like whats going on. I added the following to my
App.config file:

<configuration>
<system.net>
<defaultProxy>
<proxy
usesystemdefault="false"
proxyaddress="http://proxyserver:80"
bypassonlocal="true"
/>
</defaultProxy>
</system.net>
</configuration>

And still managed to get the same error. Now, I know
http://proxyserver:80 won't work as it doesn't exist, but I figured a
separate message would've appeared. It almost seems as if the new
settings aren't overriding those in Machine.config.
Any ideas?
Thanks!
Clint
 
N

Nicole Calinoiu

If overriding via app.config isn't working, you might want to try "manually"
setting the Proxy property of the HttpWebRequest that is used to call the
web service. According to the docs, reading of the proxy settings from the
config file will only occur for an HttpWebRequest that has not yet had its
Proxy property set when submission of the request is first attempted.

HTH,
Nicole
 
C

Clint

I think I'm doing something wrong in that I tried setting the Proxy
right after creating a new instance of my service:

ws = new HashTest.iisvm03.Service1();
ws.Proxy = new System.Net.WebProxy("http://foo:80", true);
ws.CookieContainer = new System.Net.CookieContainer();
ws.Credentials = System.Net.CredentialCache.DefaultCredentials;

With no success - still trying to read from the registry. I did find a
work-around, though, in that I'm not always impersonating a user in the
application, only on remote calls. So, when my calling class fires up,
it isn't impersonating, and I can set a private proxy field in the
constructor and use it as needed when I do my calls. That, oddly
enough, seems to work.

I have no problem going that route, I'm more curious now as to what I
was doing wrong for future reference. Either way - thanks again for
helping me out - this has been bugging me for a while!

Clint
 
N

Nicole Calinoiu

That's the wrong Proxy property. The web service wrapper class generated
for use in the client application inherits from
System.Web.Services.Protocols.WebClientProtocol, even if not directly. You
would need to override its virtual GetWebRequest method to set the value of
the Proxy property for the HttpWebRequest used by the wrapper.
Unfortunately, this change would be undone every time the auto-generated
wrapper class is regenerated. If you have an acceptable workaround that
doesn't compromise the security of your system, it would probably be best to
use it.

HTH,
Nicole
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,743
Messages
2,569,478
Members
44,898
Latest member
BlairH7607

Latest Threads

Top