Michele Lepri created LOG4NET-347:
-------------------------------------
Summary: Log4net not working in an ASP.Net environment with medium
trust
Key: LOG4NET-347
URL: https://issues.apache.org/jira/browse/LOG4NET-347
Project: Log4net
Issue Type: Bug
Components: Core
Environment: Asp.Net environment running in medium trust
Reporter: Michele Lepri
As you know, .net 4 security policy are changed and are a lot more strict.
First of all, I'm not an expert about .net 4 security =) and I never
developed web apps for medium trust: this is my fist time.
The problem is simple: log4net doesn't work in medium trust.
the exception is thrown by the [SecurityCritical] Attribute of the
System.Reflection.TargetInvocationException: Exception has been thrown
"GetObjectData" method of ReadOnlyPropertiesDictionary class.
by the target of an invocation. ---> System.TypeLoadException:
Inheritance security rules violated while overriding member:
'log4net.Util.ReadOnlyPropertiesDictionary.GetObjectData(System.Runtim
e.Serialization.SerializationInfo,
System.Runtime.Serialization.StreamingContext)'. Security
accessibility of the overriding method must match the security
accessibility of the method being overriden.
at log4net.Repository.Hierarchy.Hierarchy..ctor(ILoggerFactory
loggerFactory)
at log4net.Repository.Hierarchy.Hierarchy..ctor()
--- End of inner exception stack trace ---
at System.RuntimeTypeHandle.CreateInstance(RuntimeType type,
Boolean publicOnly, Boolean noCheck, Boolean& canBeCached,
RuntimeMethodHandleInternal& ctor, Boolean& bNeedSecurityCheck)
at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly,
Boolean skipCheckThis, Boolean fillCache)
at System.RuntimeType.CreateInstanceDefaultCtor(Boolean publicOnly,
Boolean skipVisibilityChecks, Boolean skipCheckThis, Boolean fillCache)
at System.Activator.CreateInstance(Type type, Boolean nonPublic)
at log4net.Core.DefaultRepositorySelector.CreateRepository(String
repositoryName, Type repositoryType)
at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly
repositoryAssembly, Type repositoryType, String repositoryName,
Boolean
readAssemblyAttributes)
at log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly
repositoryAssembly, Type repositoryType)
at log4net.Core.DefaultRepositorySelector.GetRepository(Assembly
repositoryAssembly)
at log4net.Core.LoggerManager.GetRepository(Assembly repositoryAssembly)
at log4net.Config.XmlConfigurator.Configure()
[CUT]
According to this:
http://msdn.microsoft.com/en-us/library/bb924412.aspx
Serialization in a partially-trusted application should be done in
another way ([DataContract] attribute must used, you can't use
[Serializable] attribute and can't use ISerializable interface to
control the serialization process.
I patched log4net in a insane way, but it works now: after removed the
[Serializable] and the ISerializable interface all work fine, but of
course i "lose" all the code performed by the implementation of the
ISerializable interface.
By the way the log is fine for me now and all I need seem to work.
To be really onest, i don't know what I should loose doing a thing like
that..
Other library (like Ninject) provide a separate build for medium trust
environment and it works great.
I think would be really great to have a version like that for log4net.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
