I'm using NLog in my ASP.NET application hosted on IIS and Windows server 2003. When I run the code on my develop machine, everything is Okay. But when I deployed the code to the server. The initialization of NLog target will cause an security exception:
Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Requested registry access is not allowed.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[SecurityException: Requested registry
access is not allowed.]
System.ThrowHelper.ThrowSecurityException(ExceptionResource
resource) +51
Microsoft.Win32.RegistryKey.OpenSubKey(String
name, Boolean writable) +7462217
System.Diagnostics.EventLog.CreateEventSource(EventSourceCreationData
sourceData) +366
NLog.Targets.EventLogTarget.CreateEventSourceIfNeeded()
+637 NLog.Targets.EventLogTarget.InitializeTarget()
+40 NLog.Targets.Target.Initialize() +264
NLog.Config.LoggingConfiguration.InitializeAll()
+233
Does anyone when what should I do in order to give the application proper permission? Thanks!
Okay, I got it. Network Service account does not have permission to read/write the event log. That's why the exception thrown.
I have run my application once as administrator to create the appropriate rules in the EventLog.
Related
Let me try to describe the situation..
Site A:
Is meant is an catch all site, with only 1 library. This is used by an third party software, that send all the items to 1 location with specified information. Behind this is an timerjob, that sends all the items to their respective sites/libraries. (so doesn't stay on Site A)
Site X:
When an new item is added through the timerjob on Site A. An workflow is started, however the workflow is randomly sunspended with a the same error. A manual start on the same item will allways succeed. Thus only the autostart that gets suspended.
Workflow is made in visual studio and is widely used in the application without problems.
The error message:
Details: An unhandled exception occurred during the execution of the
workflow instance. Exception details: System.ApplicationException:
HTTP 401 {"error_description":"The server was unable to process the
request due to an internal error. For more information about the
error, either turn on IncludeExceptionDetailInFaults (either from
ServiceBehaviorAttribute or from the configuration
behavior) on the server in order to send the exception information
back to the client, or turn on tracing as per the Microsoft .NET
Framework SDK documentation and inspect the server trace logs."}
{"x-ms-diagnostics":["3001000;reason=\"There has been an error
authenticating the
request.\";category=\"invalid_client\""],"SPRequestGuid":["c0fb74e8-6b48-0deb-85c4-7fdab324d2f7"],"request-id":["c0fb74e8-6b48-0deb-85c4-7fdab324d2f7"],"X-FRAME-OPTIONS":["SAMEORIGIN"],"SPRequestDuration":["17"],"SPIisLatency":["0"],"Server":["Microsoft-IIS/8.5"],"WWW-Authenticate":["Bearer
realm=\"97b27fa4-494a-4bff-a6a0-00b798335a86\",client_id=\"00000003-0000-0ff1-ce00-000000000000\",trusted_issuers=\"00000005-0000-0000-c000-000000000000#*,00000003-0000-0ff1-ce00-000000000000#97b27fa4-494a-4bff-a6a0-00b798335a86\"","Negotiate","NTLM"],"X-Powered-By":["ASP.NET"],"MicrosoftSharePointTeamServices":["15.0.0.4687"],"X-Content-Type-Options":["nosniff"],"X-MS-InvokeApp":["1;
RequireReadOnly"],"Date":["Mon, 14 Jan 2019 13:47:12 GMT"]} at
Microsoft.Activities.Hosting.Runtime.Subroutine.SubroutineChild.Execute(CodeActivityContext
context) at
System.Activities.CodeActivity.InternalExecute(ActivityInstance
instance, ActivityExecutor executor, BookmarkManager bookmarkManager)
at
System.Activities.Runtime.ActivityExecutor.ExecuteActivityWorkItem.ExecuteBody(ActivityExecutor
executor, BookmarkManager bookmarkManager, Location resultLocation)
Tried many given solutions (User Sync (however manual start with the same user is not a problem)), Workflow App Permissions feature ..
I've created a Windows Service (using Topshelf package) that uses WebApp.Start to listen to http requests. My code is as follows:
var options = new StartOptions();
options.Urls.Add( "http://localhost:9095" );
options.Urls.Add( "http://127.0.0.1:9095" );
options.Urls.Add( $"http://{ConfigurationHelper.IPAddress}:9095" );
options.Urls.Add( $"http://{Environment.MachineName}:9095" );
Microsoft.Owin.Hosting.WebApp.Start<Startup>( options );
I can hit all the desired URLs when I'm browsing on the Windows Service machine, but when I'm on a remote machine on the same network with access to the machine, I get a 500 error when hitting the URL (i.e. http://192.168.100.14:9095/hangfire/).
Some notes:
Windows Firewall is turned off, but I'm still confirming with IT whether or not our hardware firewall might be blocking something (would we get 500 if that was case or 404?)
The windows service is running as a local user that is part of the Administrators group.
For each of those URLs, I ran the netsh command: netsh http add urlacl url=http://127.0.0.1:9095/ user=myAdminUser
Any other ideas on why I'd get a 500 or how to see any diagnostic information anywhere? (debug view and event viewer have nothing).
It is my first Owin application, so I'm very green on it yet.
Update: OWIN error trace
[8496] BTR.Evolution.Service OWIN Exception: Object reference not set to an instance of an object.
[8496]
[8496] at Hangfire.Dashboard.MiddlewareExtensions.Unauthorized(IOwinContext owinContext)
[8496] at Hangfire.Dashboard.MiddlewareExtensions.<>c__DisplayClass1_2.b__1(IDictionary`2 env)
[8496] at Microsoft.Owin.Mapping.MapMiddleware.d__0.MoveNext()
[8496] --- End of stack trace from previous location where exception was thrown ---
[8496] at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
[8496] at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
[8496] at BTR.Evolution.Service.GlobalExceptionMiddleware.d__1.MoveNext() in C:\BTR\Source\Evolution.Service\BTR.Evolution.Service\Startup.cs:line 20
So maybe it wasn't OWIN that was the culprit but rather Hangfire and my attempt to use it remotely. Going to look into authorization filter to see if that will help.
Look into how to get the stack trace from the exception by creating an OWIN middleware logger. See Unhandled Exception Global Handler for OWIN / Katana? for more details.
Judging by the update that includes the stack trace you need to look into auth issues within hangfire. Check out http://docs.hangfire.io/en/latest/configuration/using-dashboard.html#configuring-authorization - This states that for security reasons, by default only local request are allowed. It also provides sample code showing how to use IAuthorizationFilter to allow remote request.
I am running an ASP website and connect to a SQL database, very standard setup. The connection string details are held in the <connectionStrings> tag of the web.config file.
If the database username/password details are not correct, I get an YSOD unhandled exception notice. This is not at all surprising, but I would like to show a custom error page instead. However, I cannot seem to get the custom page to show using <customErrors> settings.
It seems an unhandled exception at the web.config level (for example the incorrect database connection string) means the application does not get as far as redirecting to the custom error page.
Any advice on how to handle this exception would be much appreciated. I understand if the exception happened on a particular page I can add a try/catch to catch it. I am not sure where/how I can handle this exception:
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.SqlClient.SqlException: Login failed for user xxxxx
Find place where this connection string is used and handle exception there.
i am having trouble with the Connection String in C#
the database is on the server via phpmyadmin(i do not own the server its online)
got hosting via GoDaddy as well as GlobeHost but with both same problem
my current connection srting is string strcon = "Server=ipAddress(OfServer);Database=testing;Uid=myusername;Pwd=mypassword";
and i am getting this error while Connection.Open();
check the link testing page
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=**************' failed.
Your web host has configured the server to block outbound connections, at least specifically on your website and possibly that port number.
Speak to your web host to find out if you can be granted permission or if other ports are unblocked (though this is a Code Access Security configuration, so I doubt it depends on the port setting at all) - if not then you will not able to use an external database at all.
Note that using an off-site DB will generally result in very poor performance because of network latency. Is there a reason you're not using a DB provided by your host?
Connection String format is wrong. It has to be
connectionString="Server=192.168.0.XX;Database=DBname;User Id=bdusername;Password=dbpassword;"
I have a hosting providor -hostgator--that only allows a medium trust level. I could only get a credit card transaction to process at a full trust level from my environment. How can I get it to work at medium trust level on the host?
Thx
-using the following sample code from authorize: https://github.com/AuthorizeNet/sample-code-csharp/blob/master/PaymentTransactions/ChargeCreditCard.cs
Either get one of these two errors:
Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Request failed.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Configuration Error
Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.
Parser Error Message: This configuration section cannot be used at this path. This happens when the site administrator has locked access to this section using from an inherited configuration file.