Chasing my tail with EMAB.NET

I have found the Microsoft Application Blocks for .NET very helpful and reusable. However, today I had fun chasing my tail trying to deploy the Microsoft Exception Management Application Block (EMAB). I kept getting this exception in my exception handler:

System.Security.SecurityException: Requested registry access is not allowed.
[SecurityException: Requested registry access is not allowed.]
Microsoft.Win32.RegistryKey.OpenSubKey(String name, Boolean writable) +440
System.Diagnostics.EventLog.CreateEventSource(String source, String logName, String machineName, Boolean useMutex)
System.Diagnostics.EventLog.CreateEventSource(String source, String logName, String machineName)
System.Diagnostics.EventLog.CreateEventSource(String source, String logName)
Microsoft.ApplicationBlocks.ExceptionManagement.DefaultPublisher.VerifyValidSource()

This exception made me scratch my head since I am not writing any exceptions to the registry. I kept trying to tweak my Web.Config file which contains all my application settings. I assumed that since the error message contained “DefaultPublisher” that my “CustomPublisher” was not executing. Therefore, I keep playing with its configuration trying to make it run.

I didn’t get far doing this and I decided to check the directory permissions where my exception logging was being serialized. I forgot to setup directory level security for this folder on the remote web server. What frustrates me is this security exception wrongly reported that
a) the “DefaultPublisher” was executing when it wasn’t
b) the security exception was in the registry when it was in the file system

I played around a little and confirmed every security exception generates this same message. Wonderful, this security exception must be hard coded for all security problems.

6 thoughts on “Chasing my tail with EMAB.NET

  • January 9, 2004 at 12:00 am
    Permalink

    Hey! I’m having that exact same problem with EMAB.NET. However, from your journal entry I wasn’t clear on solution. I have a custom publisher as well, I’m not writing to the registry. What file permission setting did you wind up working with? I’m not writing anything to a log that I know of.
    Thanks for your time!
    Will T.

  • January 9, 2004 at 6:57 pm
    Permalink

    Will,
    I was using the EMAB with a Custom Publisher to write exceptions to an XML file and e-mail them to the person supporting the application. It appears that all EMAB problems fail with the same message:
    System.Security.SecurityException: Requested registry access is not allowed…
    What are you trying to do in your Custom Publisher? Post it here and I will take a look at it and see if I can find the problem.
    Hope this helps,
    Asa

  • January 9, 2004 at 8:35 pm
    Permalink

    Oddly enough, I seemed to have fixed it. Here’s the one thing going on with me that might be different than your configuration. I’m running 2003 Server and I have my WebUI and my WebService stuff in two different virtual servers. I had the WebUI running in the default application pool and the WebService in a different pool emulating a different NT account. Once I put both of the web apps in the same application pool, it worked. So, I think your theory that this security error is a generic, misleading, crappy thing that crops up for any access error is correct. Thanks for being there!

  • February 4, 2004 at 4:11 pm
    Permalink

    I think that the problem here is that when the EMAB finds an exception while handling the custom publishing, it reverts to the DefaultPublisher. Then it finds another exception and that’s the mistake that we are encountering.
    I am not 100% sure of this, anyway.
    Nice blog.
    PS. Sorry for my English. I’m a spaniard.

  • February 17, 2004 at 4:46 pm
    Permalink

    Hello
    I found a work around. After hitting the exact same issue with an ASP.NET application (of course the WinForm sample they give you works fine), I researched the security context of the ASP.NET worker thread.
    The issue is that EMAB is trying to create a “event log *source*” on your behalf. This involves writing to the registry, and the ASP.NET worker thread does not have the required security priviledge to do so.
    M$ states you can run installutil.exe on the management DLL, but this didn’t fix it for me. I did find something that did work for me on asp247.com – use regedit to create a key under HKLM\System\CurrentControlSet\Services\Eventlog\\.
    Once you create this key, and your web.config points to and uses , it works.
    HTH, Terry

  • March 18, 2005 at 7:22 pm
    Permalink

    Hi,
    I have been trying to use the Enterprise lib (DAAB) in particular for my ASP.NET applications. It always gives a security exception. Googling did not help. The MS article asks me to put in the reg key…but how do i link it to my app?
    My implementation nothing but a test toy app….
    execute a query and return the results to a datagrid..thats all it does. No fancy stuff.
    Thanks in advance.

Comments are closed.