Uploaded image for project: 'Log4net'
  1. Log4net
  2. LOG4NET-347

Log4net not working in an ASP.Net environment with medium trust

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 1.2.12
    • Core
    • None
    • Asp.Net environment running in medium trust

    Description

      As you know, .net 4 security policy are changed and are a lot more strict.

      First of all, I'm not an expert about .net 4 security =) and I never
      developed web apps for medium trust: this is my fist time.

      The problem is simple: log4net doesn't work in medium trust.

      the exception is thrown by the [SecurityCritical] Attribute of the

      System.Reflection.TargetInvocationException: Exception has been thrown
      "GetObjectData" method of ReadOnlyPropertiesDictionary class.

      by the target of an invocation. ---> System.TypeLoadException:
      Inheritance security rules violated while overriding member:
      'log4net.Util.ReadOnlyPropertiesDictionary.GetObjectData(System.Runtim
      e.Serialization.SerializationInfo,
      System.Runtime.Serialization.StreamingContext)'. Security
      accessibility of the overriding method must match the security
      accessibility of the method being overriden.
      at log4net.Repository.Hierarchy.Hierarchy..ctor(ILoggerFactory
      loggerFactory)
      at log4net.Repository.Hierarchy.Hierarchy..ctor()
      — End of inner exception stack trace —
      at System.RuntimeTypeHandle.CreateInstance(RuntimeType type,
      Boolean publicOnly, Boolean noCheck, Boolean& canBeCached,
      RuntimeMethodHandleInternal& ctor, Boolean& bNeedSecurityCheck)
      at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly,
      Boolean skipCheckThis, Boolean fillCache)
      at System.RuntimeType.CreateInstanceDefaultCtor(Boolean publicOnly,
      Boolean skipVisibilityChecks, Boolean skipCheckThis, Boolean fillCache)
      at System.Activator.CreateInstance(Type type, Boolean nonPublic)
      at log4net.Core.DefaultRepositorySelector.CreateRepository(String
      repositoryName, Type repositoryType)
      at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly
      repositoryAssembly, Type repositoryType, String repositoryName,
      Boolean
      readAssemblyAttributes)
      at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly
      repositoryAssembly, Type repositoryType)
      at log4net.Core.DefaultRepositorySelector.GetRepository(Assembly
      repositoryAssembly)
      at log4net.Core.LoggerManager.GetRepository(Assembly repositoryAssembly)
      at log4net.Config.XmlConfigurator.Configure()
      [CUT]

      According to this:
      http://msdn.microsoft.com/en-us/library/bb924412.aspx

      Serialization in a partially-trusted application should be done in
      another way ([DataContract] attribute must used, you can't use
      [Serializable] attribute and can't use ISerializable interface to
      control the serialization process.

      I patched log4net in a insane way, but it works now: after removed the
      [Serializable] and the ISerializable interface all work fine, but of
      course i "lose" all the code performed by the implementation of the
      ISerializable interface.
      By the way the log is fine for me now and all I need seem to work.
      To be really onest, i don't know what I should loose doing a thing like
      that..

      Other library (like Ninject) provide a separate build for medium trust
      environment and it works great.

      I think would be really great to have a version like that for log4net.

      Attachments

        1. log4net-347.patch
          1 kB
          Andrew Arnott

        Issue Links

          Activity

            People

              nachbarslumpi Dominik Psenner
              michele_lepri Michele Lepri
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: