If you're going to call Configure from Application_Start, you should
always have access to the current HttpContext which means you may be
able to wire up the event like this:
// ???
HttpContext.Current.ApplicationInstance.BeginRequest +=
new EventHandler(this.OnPreRequestHandlerExecute);
--- Ron Grabowski <[EMAIL PROTECTED]> wrote:
> Do you think passing in the current process' credentials as soon as
> they are available would solve the problem?
>
> I made a static event on Global called PreRequestHandlerExecute that
> gets fired inside of Application_PreRequestHandlerExecute. This
> appender subscribes to the event and executes code the first time the
> PreRequestHandlerExecute event is fired. It then unsubscribes itself
> from the event.
>
> // untested
> public class AspNetSecurityContextAdoNetAppender : AdoNetAppender
> {
> public override void ActivateOptions()
> {
> Global.PreRequestHandlerExecute +=
> new EventHandler(this.OnPreRequestHandlerExecute);
> base.ActivateOptions();
> }
> private void OnPreRequestHandlerExecute(object s, EventArgs e)
> {
> WindowsSecurityContext context = new WindowsSecurityContext();
> context.Credentials =
> WindowsSecurityContext.ImpersonationMode.Process;
> context.ActivateOptions();
> SecurityContext = context;
>
> // System.Delegate.Remove ???
> Global.PreRequestHandlerExecute -=
> new EventHandler(this.OnPreRequestHandlerExecute);
> }
> }
>
> --- Billy Barnum <[EMAIL PROTECTED]> wrote:
>
> > Ah. I see now. I'm afraid you're S.O.L., Colin. (Unless someone
> else
> > out
> > there has a better idea?)
> >
> > You see, you need to be calling that configureandwatch() or
> > configure() only
> > once per application "session", yes? And for ASP.NET, that point is
> > Application_Start(), when the web site is brought up. However -
> and
> > this is
> > a big however - there is no current user at that point.
> > CurrentPrincipal is
> > a big fat (thin?) null. Makes sense, right? No one has connected.
> >
> > So you're problem is not that log4net won't let you pass in current
> > process
> > credentials ... it's that there are none to pass at the time that
> > configure() or configureandwatch() are called . Therefore you have
> to
> > connect as a user, and in turn to do that you need to provide a
> > domain and
> > password, or use a database id.
> >
> > The only way I could see for the keepers of log4net to solve this
> > problem
> > would be to go back and try to re-fetch credentials at the point
> you
> > log
> > events to adoappenders in your code ... or any point after
> > application
> > startup. Might be possible, dunno. Prolly very expensive in
> > performance,
> > though, if it's even possible. I'd hafta think about it.
> >
> > Myself, I'd love it if this were possible, because I've started to
> > use
> > log4net as more than a debugging and tracing tool, I've made it
> part
> > of
> > *application* logic in certain areas and like you "logged" to
> > relational
> > databases; saved my clients time and $$$. But this security gotcha
> > seems to
> > be the price.
> >
> > Is there hope?
> >
> > -BillyB
> >
> > WILLIAM BARNUM
> > [EMAIL PROTECTED]
>
