Security problem when writting to Event Log

[JMMB]

When trying to execute the following code in a web service, I get the
enclosed error. Everyone has full control to the registry and Security
System is configured with the default "Full Control" access for "All code".
thanks a lot.

WEBMETHOD:
EventLog log = new EventLog("ContosoLog");
log.Source = "MyServiceApplication";
log.WriteEntry("My sessionID", EventLogEntryType.Warning);

ERROR:
System.Web.Services.Protocols.SoapException: Server was unable to process
request. ---> System.Security.SecurityException: Requested registry access is
not allowed. at Microsoft.Win32.RegistryKey.OpenSubKey(String name, Boolean
writable) at System.Diagnostics.EventLog.FindSourceRegistration (String
source, String machineName, Boolean readOnly) at
System.Diagnostics.EventLog.SourceExists(String source, String machineName)
at System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType
type, Int32 eventID, Int16 category, Byte[] rawData) at
System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType
type, Int32 eventID, Int16 category) at
System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType
type, Int32 eventID) at System.Diagnostics.EventLog.WriteEntry(String
message, EventLogEntryType type) at MyService.Service1.SessionID() in
c:\inetpub\wwwroot\myservice\service1.asmx.cs:line 79 --- End of inner
exception stack trace ---

[Yunus]

u should give ASP.NET user required permission to write event log. adding it
administrator group should fix it. By i think u should use local security
policy to configure settings...

--

Thanks,
Yunus Emre ALPÖZEN
BSc, MCAD.NET

"JMMB" <microsoft.com> wrote in message
news:com... 

[Nicole]

"Yunus Emre ALPÖZEN [MCAD.NET]" <net> wrote in message
news:%phx.gbl... 

That won't actually help here.

 

Running as an admin will fix just about any problem that's due to a
restricted ACL. However, running ASP.NET under an admin account is usually
a pretty terrible idea...

 

No setting that's modifiable under the Local Security Policy MMC is relevant
to this problem.

 
>
>[/ref]

[Nicole]

"JMMB" <microsoft.com> wrote in message
news:com... 

Not to every key in the registry, or you wouldn't be having this problem.
<g>
 

If by this you mean that you're running under default CAS (code access
security) policy, that's not relevant to the exception you're seeing, which
is due to user permissions, not CAS permissions.

You're probably seeing this exception because the "MyServiceApplication"
source isn't actually registered. When the framework code invoked by the
WriteEntry method attempts to identify the log associated with the source
(which it does even if you tell it which log to use), it's most likely
hitting registry entries for a log with highly restricted permissions (e.g.:
Security, or maybe ContosoLog if you haven't set its permissions
appropriate). In order to avoid this problem, you need to create your new
log and register the "MyServiceApplication" source while running from a more
privileged account. One approach is to do this from your application's
installer, which would typically be run under an admin account.