CodeBetter.Com
Sign in | Join | Help
in Search
CodeBetter.Com
RSS 2.0 via Feedburner
           Do you Twitter? Follow us @CodeBetter

Brendan Tompkins [MVP]

Blog First. Ask Questions Later.

Not using Microsoft.ApplicationBlocks.ExceptionManagement;

Today, I removed the references to the Exception Managment application block in our framework here at the port... The reason?  As far as I can tell,  there's an issue with impersonation and writing to the event log under 2003 that shows up when using Publish(System.Exception ex):

[InvalidOperationException: Cannot open log for source {0}. You may not have
write access.]

There's a thread here and here and here all seeming to dead end, un-resolved that address this issue.  After a bunch of FileMon-ing and RegMon-ing, I started asking why I needed to publish to the Event Log in the first place.  My answer to myself was “I dunno.“  In fact, publishing to the Event Log is kind of a pain in the butt anyhow, with the log filling up, permissions, etc.  So, I implemented a custom Publish(System.Exception ex) method that puts the log somewhere else.

This is the second Application block that I've had to un-use.  I stopped using the Data app block long ago because of bugs.  I'm still using the FileUpdater block which I'm happy with.

.


Published Jul 14 2004, 06:21 AM by Brendan Tompkins

Comments

Scott Galloway said:

So are you still using the block - just with a different IExceptionPublisher defined?
# July 14, 2004 2:39 AM

Brendan Tompkins said:

Well, I'm not using it at all. What I needed to do was very simple. Should I use it? I haven't expored the IExceptionPublisher interface.
# July 14, 2004 2:47 AM

Ralf said:

Brendan,

Are you new to .NET development? Take a look at this book:

http://www.amazon.com/exec/obidos/tg/detail/-/0764508660/qid=1089814021/sr=8-1/ref=pd_ka_1/103-6451967-7691815?v=glance&s=books&n=507846

and:

http://www.mo-media.com/net/

I hope this helps.
# July 14, 2004 3:09 AM

Scott Galloway said:

Doesn't actually do *that* much...I do use it in a bunch of apps because it basically lets me plug in different exception publishers - for instance, in a couple of sites I have an email exception publisher which sends an email asynchronously every time an error occurs - allowing me to fix the bug before the client even know it's there. In other apps I have an XML publisher (well, the file itself is actually a non-well-formed XML file which allows me to do appends without worrying about storing the whole XML file in memory), I have little jobs which can then pull these XML files from secure URLs allowing me to sweep for errors on the sites periodically. In still others I have the standard Event Log publisher - which is a pain to use mainly because of the 'creating log' permission stuff...you can create a little installer class to create a new event log name to get over this. In short, yup, I think everyone can benefit from a simple way to log exceptions :-)
# July 14, 2004 3:10 AM

Darrell said:

Which version of the DAAB did you stop using? There is a constantly updated version on GotDotNet that works quite well for us.

It even supports Abstract Factory. Anyway, hope you don't keep running into issues. :)

http://www.gotdotnet.com/Community/Workspaces/workspace.aspx?id=c20d12b0-af52-402b-9b7c-aaeb21d1f431

# July 14, 2004 3:11 AM

Sebastien Lambla said:

If I remember well, it comes from the fact that you cannot create new event logs from the api in an IIS based application.

The only solution is to write a custom installer and execute installutil.exe on the produced exe like this:

[RunInstaller(true)]
public class EventLogInstallation : Installer
{
private EventLogInstaller myEventLogInstaller;
public EventLogInstallation()
{
//Create Instance of EventLogInstaller
myEventLogInstaller = new EventLogInstaller();

// Set the Source of Event Log, to be created.
myEventLogInstaller.Source = EventLog.APP_NAME;

// Set the Log that source is created in
myEventLogInstaller.Log = EventLog.CAT_NAME;

// Add myEventLogInstaller to the Installers Collection.
Installers.Add(myEventLogInstaller);
}
}


Enjoy.
# July 14, 2004 3:21 AM

Brendan Tompkins said:

Sebastian.. your solution works, but not for 20003... There's still an unresolved issue here AFAIK...

Darrell,

I was using an old version for sure... I'm going to explore the pluggable factory version. One thing we're doing is queuing emails when exceptions happen. Perhaps I could accomplish this with an pluggable exception publisher. Thanks!
# July 14, 2004 3:45 AM

Sebastien Lambla said:

I'm not seeing any problems on this method using .net 1.1 on a win2k3 box myself.
# July 14, 2004 5:10 AM

Sebastien Lambla said:

Ok i was a bit fast... Did you check that IWAM has the correct access rights? Or that you're not running w3wp.exe under a different identity?
# July 14, 2004 5:18 AM

Sebastien Lambla said:

hum, am spamming now, but you mention impersonation...

1. Are you meaning you impersonate at the process level with windows authentication? Sounds like not a good idea for an asp.net process

2. Are you writting to a distant event log?
# July 14, 2004 5:20 AM

Brendan Tompkins said:

We have a low trust user who is impersonated at the asp level to enable some LDAP stuff...But we're using forms auth not Win authentication. It gets really confusing, but I have checked rights for our impersonated identity, but anything but admin errors.
# July 14, 2004 5:26 AM

Sebastien Lambla said:

A bit more...

you can write only with the right rights to the correct registry key. if you impersonate, it all depends on the current impersonation token for your current thread. anyway, with this:
ms-help://MS.VSCC.2003/MS.MSDNQTR.2003FEB.1033/cpref/html/frlrfSystemSecurityPrincipalWindowsIdentityClassImpersonateTopic.htm

and
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetAP05.asp

You should know enough to solve the problem
# July 14, 2004 5:32 AM

Sagar Silanza said:

Brendan,

Have you taken a look at this book:

http://www.amazon.com/exec/obidos/tg/detail/-/0764504703/qid=1089824042/sr=8-1/ref=sr_8_xs_ap_i1_xgl14/103-8392708-5687838?v=glance&s=books&n=507846
# July 14, 2004 5:56 AM

Brendan Tompkins said:

Thanks for taking an interest in this Sebastien...

Our app creates a custom principal object which flows throughout the request, but impersonates a standard low trust account on the machine... This method is well documented in the Patterns and Practices link you've mentioned.

Anyhow, this account, is the one that should need registry rights, but reg permissions don't effect this and this is because ...

It gets more complicated : when IIS is impersonating, it uses the IWAM account if I'm not mistaken for registry permissions but even granting these permissions to the registry doesn't work. See the google threads I initially referenced for a better explanation. I've verified most of this with RegMon...
# July 14, 2004 7:14 AM

Brian said:

Brendan,

Have you looked at the KB article below?

http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B323076

You need to set the event log security so that the user has permission to write to it.

# July 14, 2004 9:25 AM

Brendan Tompkins said:

Sagar Silanza/Ralf : Perhaps you should read this book here:

http://www.intrinsigo.com/bsblog/hcetpac.gif
# July 14, 2004 9:31 AM

Brendan Tompkins said:

Brian.. This looks promising. I'll let you know what I find.. Thanks!
# July 14, 2004 9:38 AM

Brendan Tompkins said:

A good article here on creating a custom publisher:

http://www.daveranck.com/SoftwareDev/DevArticles/233.aspx
# July 15, 2004 2:43 AM

Scott said:

Hello,
I was having a similar issue and was able to use the event log security KB article referenced above along with the following page that summarizes the SDDL syntax to resolve it.

http://www.washington.edu/computing/support/windows/UWdomains/SDDL.html

When it came down to it, each user was authenticating to the site using impersonate=true to support third party app I am working with. When it would try and write to the log it was using each user's identity and the write would fail. I gave the "domain users" group write access to the app log through the registry by adding (A;;0x2;;;DU) to the CustomSD in the registry. Now the events are written to the log as they should be. Hope this is helpful for others.
# August 27, 2004 7:40 AM

Richard Beacroft said:

When I run installutil.exe against the dll created by the classlibrary with the code EventLogInstaller code above, It does not install the dll, but instead returns the help??!

Anyone have any ideas why this is happening?
# September 8, 2004 2:10 AM

Richard Beacroft said:

I had 2 installUtil.exe's on my PC. Was was for something else I think. All working now. Cheers.
# September 8, 2004 2:39 AM

Wayne Larimore - his bloggin' Weighs said:

# July 19, 2005 2:52 PM

Wayne Larimore - his bloggin' Weighs said:

# July 19, 2005 3:16 PM

Wayne Larimore - his bloggin' Weighs said:

# July 19, 2005 5:39 PM

Wayne Larimore - his bloggin' Weighs said:

# July 19, 2005 5:45 PM

Wayne Larimore - his bloggin' Weighs said:

# July 20, 2005 11:12 AM

Wayne Larimore - his bloggin' Weighs said:

# January 30, 2006 4:09 PM

Leave a Comment

(required)  
(optional)
(required)  

Enter the numbers above:
Add

About Brendan Tompkins

Brendan has been programming with .NET since the first public beta and is owner and operator of Port Technology Services, a consultancy company providing .NET application development services to the Maritime industry. In July, 2007, he was awarded the Microsoft MVP award for ASP.NET. He's also a proud co-founder of failed .COM startup Intrinsigo, and has had a hand in the failure of numerous other businesses. He currently runs CodeBetter.Com and Devlicio.us, and lives in Norfolk, Virgina with his wife Tiara and son Ian.

View Brendan's profile on LinkedIn

Check out Devlicio.us!

Our Sponsors

Free Tech Publications

About CodeBetter.Com

CodeBetter.Com FAQ
Our Manifesto
Advertisers should contact Brendan

Subscribe

Google Reader or Homepage
del.icio.us CodeBetter.com Latest Items
Add to My Yahoo!
Subscribe with Bloglines
Subscribe in NewsGator Online
Subscribe with myFeedster
Add to My AOL
Furl CodeBetter.com Latest Items
Subscribe in Rojo

Member Projects

WSMQ - Brendan Tompkins
Sarasota Web Design - David Hayden
Patterns & Practices - David Hayden
dotMath - Steve Hebert
EZWeb - Jeffrey Palermo
Structure Map - Jeremy D. Miller
StoryTeller - Jeremy D. Miller
The Code Wiki - Karl Seguin

 

Friends of CodeBetter.Com

Red-Gate Tools For SQL and .NET
 BlogJet
CodeSmith 3.0
 SourceGear Vault
Telerik
 ComponentArt
VistaDB
JetBrains - ReSharper
 Beyond Compare
 .NET Memory Profiler
NDepend
AliCommerce
Ruby In Steel
SlickEdit
SmartInspect .NET Logging
NGEDIT: ViEmu and Codekana
LiteAccounting.Com
DevExpress <-- NEW Friend!


Site Copyright © 2007 CodeBetter.Com
Content Copyright Individual Bloggers

Community Server (Commercial Edition)