Thursday, 29 June 2006
XmlConfigurator.Configure()placed in the
This all works if the ASP.Net application is run in full trust, however I want my app to work in medium trust (otherwise Dominick will send the boys around) and this proved more difficult. The problem is that log4Net uses the new Configuration APIs and these demand the
System.Configuration.ConfigurationPermission which is medium trust fails.
After a few false starts I found the answer in Stefan Schackow's excellent book Professional ASP.Net 2.0 Security, Membership and Role Management. In ASP.Net 2.0 there is a new attribute you can add to the
section element in web.config, the attribute is
requirePermission, setting this to false stops the configuration APIs demanding permissions. My log4net section now looks like this
<configSections> <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler, log4net" requirePermission="false"/> </configSections>and log4net now works in medium trust.
Posted by Netat 10:47 PM in