Security exception when writing to an EventLog from an ASP.NET MVC application

CoderDennis · Oct 22, 2009 · Viewed 9.1k times

I have a library that I created with some business logic that includes writing to a System.Diagnostics.EventLog instance. The library is normally called from a Windows Service application, but now I'm trying to call those same library functions from my ASP.NET MVC application.

I tried this code inside my controller to create the EventLog instance that I pass into the method that needs to write to the log.

Dim log = New EventLog("Application", My.Computer.Name, "MyMVCApp")

The following error is generated when the code within the library method tries to write to the log:

[SecurityException: Requested registry access is not allowed.]
 System.ThrowHelper.ThrowSecurityException(ExceptionResource resource) +51
 Microsoft.Win32.RegistryKey.OpenSubKey(String name, Boolean writable) +7462217
 System.Diagnostics.EventLog.CreateEventSource(EventSourceCreationData sourceData) +366
 System.Diagnostics.EventLog.VerifyAndCreateSource(String sourceName, String currentMachineName) +194
 System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType type, Int32 eventID, Int16 category, Byte[] rawData) +205
 System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType type) +14

My web app is running as the Network Service user on Windows Server 2003 running IIS 6. Is there something I need to do in order to give the Network Service user access to the registry?

Is there a better way to create an EventLog instance for use in an ASP.NET MVC application? Is there one already created by the framework that I just need to reference?

Answer

UpTheCreek · Oct 25, 2009

From MSDN: "Applications that run using the Network Service identity can write to the event log by using existing event sources, but they cannot create new event sources because of insufficient registry permissions."

And...

"If the Source for the event log associated with the EventLog instance does not exist, a new event source is created."

So it looks like your event log source doesn't exist, and it's trying to create a new event log source using the Network Service user (which requires writing to the registry, so won't work).

"To enable your ASP.NET application to write to the event log using an event source that does not already exist, you have two options:"

  • Create new event sources at application install time
  • Manually create new event source entry in the registry.

So, need to create the log outside of the application (you can't do it programmatically with this user. Do it either manually, or create a simple command line app to simplify installation).

For full details:

http://msdn.microsoft.com/en-us/library/ms998320.aspx#paght000015_eventlogaccess

Personally I'd recommend that you don't alter the net user permissions, but rather create the log source outside of the web app. My preference is in a console app (which will take you about 5 mins to write, and which you can also use to prep other machines). Start a new console app in VS.NET, and add the code to create the log sources. An example:

http://www.dotnetspider.com/resources/23593-Create-Event-log-VB-NET.aspx

Then just run the console app from the cmd line, when logged in with appropriate permissions.
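
A sketch of the install-time console app described in the answer above, added here as an illustration and not part of the original answer. The source and log names are taken from the question's `New EventLog(...)` call; the module name and exit codes are assumptions.

```vb
Imports System
Imports System.Diagnostics
Imports System.Security

' Added example: run once per machine from an administrator command prompt,
' so the web app's low-privilege identity never has to create the source.
Module EventSourceInstaller

    ' Names taken from the question's EventLog constructor call.
    Private Const SourceName As String = "MyMVCApp"
    Private Const LogName As String = "Application"

    Function Main() As Integer
        Try
            ' SourceExists searches every log and can itself throw for a non-admin caller.
            If EventLog.SourceExists(SourceName) Then
                ' A source name can be bound to only one log on a machine.
                Dim existingLog As String = EventLog.LogNameFromSourceName(SourceName, ".")
                If String.Equals(existingLog, LogName, StringComparison.OrdinalIgnoreCase) Then
                    Console.WriteLine("Source '{0}' is already registered to '{1}'.", SourceName, LogName)
                    Return 0
                End If
                Console.Error.WriteLine("Source '{0}' is registered to '{1}', not '{2}'.", _
                                        SourceName, existingLog, LogName)
                Return 2
            End If

            ' This is the registry write that Network Service is not allowed to perform.
            EventLog.CreateEventSource(SourceName, LogName)
            Console.WriteLine("Created source '{0}' in the '{1}' log.", SourceName, LogName)
            Return 0

        Catch ex As Exception When TypeOf ex Is SecurityException _
                              OrElse TypeOf ex Is UnauthorizedAccessException
            Console.Error.WriteLine("Administrator rights are required: " & ex.Message)
            Return 1
        End Try
    End Function

End Module
```

Once the source exists, the web application running as Network Service can keep the constructor call from the question unchanged, because `WriteEntry` no longer needs to create anything in the registry.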