Cannot read a Security Log from ASP.net web service


  1. #1

    Cannot read a Security Log from ASP.net web service

    I'm attempting to read the security event log for a WinXP Pro machine using
    a web form that calls a web service. Both files are stored in the same
    directory in IIS. The directory is set to use Windows Integrated security
    and I've set up the web app to use impersonation with the local admin
    account on a WinXP Pro box.

    I get the following error though whenever I attempt to iterate over the
    Entries collection of the EventLog object:

    Cannot open log Security on machine .. Windows has not provided an error
    code.

    The application log and the system log can both be read though using the
    same web service. I've altered the machine.config file to use both the
    LOCAL and Administrator accounts with the same result. If I put the same
    code into a Win form project, it works just fine and I'm able to view the
    entries of the security log. Within the web method, I can see that the
    current user making the request is the local administrator by using the
    IIdentity interface of the User object. Explicitly impersonating the local
    admin using objects of the System.Security namespace doesn't help either.

    Signing the web service with sn.exe and putting it into the GAC has not
    helped. I created a code permission that included full privileges to the
    registry and event logs and set my sn assembly to use it, but the same error
    occurs. Using Regmon.exe, I can see the requests to the registry keys that
    are made, but no error messages are reported.

    Can anyone provide suggestions for a fix?


    Ian Wright Guest

  3. #2

    Re: Cannot read a Security Log from ASP.net web service

    It's all about the process identity. You could put the ASPNET account in the
    Administrators group and it would work, but that's a security risk.

    Here's what you do. Open regedit. Find
    'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Security' and
    go to Edit -> Permissions. Give the ASPNET account full control to this
    key.

    --
    Eric Marvets
    Principal Consultant

    the bang project

    <shameless self promotion>

    Email sales@bangproject.com for Information on Our Architecture and
    Mentoring Services

    </shameless self promotion>


    Eric Marvets Guest
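
Added example, not part of the original posts: a diagnostic in VB.NET that separates the two identities the thread discusses by probing each log under the thread token (the impersonated caller inside a web method) and again after reverting to the process token (ASPNET on this setup). `LogAccessProbe`, `Probe` and `ProbeAll` are hypothetical names, and the `Using` blocks assume VB 2005 or later.

```vbnet
Imports System
Imports System.Diagnostics
Imports System.Security.Principal

Module LogAccessProbe
    ' Open one log and count its entries; return the outcome instead of throwing.
    Function Probe(ByVal logName As String) As String
        Try
            Using log As New EventLog(logName, ".")
                Return logName & ": OK, " & log.Entries.Count.ToString() & " entries"
            End Using
        Catch ex As Exception
            ' EventLog usually wraps the Win32 failure; show both layers.
            Dim inner As String = ""
            If ex.InnerException IsNot Nothing Then
                inner = " / inner: " & ex.InnerException.Message
            End If
            Return logName & ": FAILED, " & ex.GetType().Name & ": " & ex.Message & inner
        End Try
    End Function

    ' Report which account the current token belongs to, then probe all three logs.
    Function ProbeAll(ByVal label As String) As String
        Dim id As WindowsIdentity = WindowsIdentity.GetCurrent()
        Dim isAdmin As Boolean = _
            New WindowsPrincipal(id).IsInRole(WindowsBuiltInRole.Administrator)
        Dim report As String = label & " = " & id.Name & _
            " (Administrators: " & isAdmin.ToString() & ")" & Environment.NewLine
        For Each name As String In New String() {"Application", "System", "Security"}
            report &= "  " & Probe(name) & Environment.NewLine
        Next
        Return report
    End Function

    Sub Main()
        ' Thread token: inside an impersonating web method this is the caller.
        Console.Write(ProbeAll("thread identity"))
        ' Impersonate(IntPtr.Zero) reverts the thread to the process token.
        Using ctx As WindowsImpersonationContext = WindowsIdentity.Impersonate(IntPtr.Zero)
            Console.Write(ProbeAll("process identity"))
        End Using
    End Sub
End Module
```

Run as a console program the two reports are identical; called from the web method (return the `ProbeAll` strings instead of writing to the console) they show whether the Security log fails under one token or both.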

  4. #3

    Re: Cannot read a Security Log from ASP.net web service

    Good suggestion, but I tried that a little earlier just to see if it would
    work (and yes, it's a very bad idea to grant that permission to the ASPNET
    account). Anyway, the error is still the same. It looks to me as though
    it's just a defect in the runtime/IIS. Maybe MS just decided to lock down
    the security log so that nothing even remotely related to the ASPNET process
    can touch it.

    Here's the error I get after adding the ASPNET account to the Admin group:

    Cannot open log Security on machine .. Windows has not provided an error
    code.

    at System.Diagnostics.EventLog.OpenForRead()
    at System.Diagnostics.EventLog.get_EntryCount()
    at System.Diagnostics.EventLogEntryCollection.get_Count()
    at System.Diagnostics.EntriesEnumerator.MoveNext()
    at EventLogArchiver.ServerEventLogReader.GetServerEvents(String LogName) in
    c:\inetpub\wwwroot\EventLogArchiver\ServerEventLogReader.asmx.vb:line 71

    TY Eric for taking the time to respond.



    "Ian Wright" <ian-c-wright@msn.com> wrote in message
    news:eL5cgGEQEHA.640@TK2MSFTNGP09.phx.gbl...
    > I'm attempting to read the security event log for a WinXP Pro machine using
    > a web form that calls a web service. Both files are stored in the same
    > directory in IIS. The directory is set to use Windows Integrated security
    > and I've set up the web app to use impersonation with the local admin
    > account on a WinXP Pro box.
    >
    > I get the following error though whenever I attempt to iterate over the
    > Entries collection of the EventLog object:
    >
    > Cannot open log Security on machine .. Windows has not provided an error
    > code.
    >
    > The application log and the system log can both be read though using the
    > same web service. I've altered the machine.config file to use both the
    > LOCAL and Administrator accounts with the same result. If I put the same
    > code into a Win form project, it works just fine and I'm able to view the
    > entries of the security log. Within the web method, I can see that the
    > current user making the request is the local administrator by using the
    > IIdentity interface of the User object. Explicitly impersonating the local
    > admin using objects of the System.Security namespace doesn't help either.
    >
    > Signing the web service with sn.exe and putting it into the GAC has not
    > helped. I created a code permission that included full privileges to the
    > registry and event logs and set my sn assembly to use it, but the same error
    > occurs. Using Regmon.exe, I can see the requests to the registry keys that
    > are made, but no error messages are reported.
    >
    > Can anyone provide suggestions for a fix?
    >
    >

    Ian Wright Guest

  5. #4

    Re: Cannot read a Security Log from ASP.net web service

    Have you turned on auditing and looked at the security or even the
    application log for a better error message? I have had no problems doing
    this in the past.

    --
    Eric Marvets
    Principal Consultant

    the bang project

    <shameless self promotion>

    Email sales@bangproject.com for Information on Our Architecture and
    Mentoring Services

    </shameless self promotion>


    Eric Marvets Guest

  6. #5

    Re: Cannot read a Security Log from ASP.net web service

    There are no events recorded in either of the logs you mentioned that
    have to do with my problem.

    I looked at the Programming .NET Security book by Freeman and Jones. In
    there, they point out that the security log requires a special permission
    ("Manage auditing and security log") in order to do certain operations (p.
    514). Even after explicitly adding the ASPNET account to this user right
    group though, it still fails with the same error. I've also added the
    ASPNET account with Full Control rights to the registry key for the Services
    stuff to no avail.

    At this point, my hunch is that the functionality I need is broken as the
    result of a recent MS security patch. The same error happens on both of my
    WinXP machines. I'll try a Win2K box tomorrow. The thing that's so
    frustrating is that even by granting the ASPNET the highest privileges and
    access to the system, the web service cannot enumerate thru the log
    collection. Perhaps service pack 2 addresses this bug.

    "Eric Marvets" <ericm@bangproject.com> wrote in message
    news:%23S$m8kFQEHA.632@TK2MSFTNGP12.phx.gbl...
    > Have you turned on auditing and looked at the security or even the
    > application log for a better error message? I have had no problems doing
    > this in the past.
    >
    > --
    > Eric Marvets
    > Principal Consultant
    >
    > the bang project
    >
    > <shameless self promotion>
    >
    > Email sales@bangproject.com for Information on Our Architecture and
    > Mentoring Services
    >
    > </shameless self promotion>
    >
    >

    Ian Wright Guest
