Not that I'm an ASP.NET expert at all (believe me!), but this ain't gonna work either. You don't have an ApplicationInstance yet in Application_Start(), so you can't do much of anything. You could do the work in Session_Start(), but then you're back to the performance thing again. You're also faced with the fact that the process identity there is the ASPNET identity, not that of the anonymous user. This is what that fellow Colin was talking about; I didn't get it myself 'til now (sorry for all those wasted words, Colin).
I wonder how ADO.NET connection objects grab that anonymous id? That's what we need. WILLIAM BARNUM [EMAIL PROTECTED] -----Original Message----- From: Ron Grabowski [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 29, 2005 9:53 PM To: Log4NET User Subject: RE: How to pass integrated security credentials to AdoNetAppender from ASP.NET? If you're going to call Configure from Application_Start, you should always have access to the current HttpContext which means you may be able to wire up the event like this: // ??? HttpContext.Current.ApplicationInstance.BeginRequest += new EventHandler(this.OnPreRequestHandlerExecute); --- Ron Grabowski <[EMAIL PROTECTED]> wrote: > Do you think passing in the current process' credentials as soon as > they are available would solve the problem? > > I made a static event on Global called PreRequestHandlerExecute that > gets fired inside of Application_PreRequestHandlerExecute. This > appender subscribes to the event and executes code the first time the > PreRequestHandlerExecute event is fired. It then unsubscribes itself > from the event. > > // untested > public class AspNetSecurityContextAdoNetAppender : AdoNetAppender > { > public override void ActivateOptions() > { > Global.PreRequestHandlerExecute += > new EventHandler(this.OnPreRequestHandlerExecute); > base.ActivateOptions(); > } > private void OnPreRequestHandlerExecute(object s, EventArgs e) > { > WindowsSecurityContext context = new WindowsSecurityContext(); > context.Credentials = > WindowsSecurityContext.ImpersonationMode.Process; > context.ActivateOptions(); > SecurityContext = context; > > // System.Delegate.Remove ??? > Global.PreRequestHandlerExecute -= > new EventHandler(this.OnPreRequestHandlerExecute); > } > } > > --- Billy Barnum <[EMAIL PROTECTED]> wrote: > > > Ah. I see now. I'm afraid you're S.O.L., Colin. (Unless someone > else > > out > > there has a better idea?) > > > > You see, you need to be calling that configureandwatch() or > > configure() only > > once per application "session", yes? And for ASP.NET, that point is > > Application_Start(), when the web site is brought up. However - > and > > this is > > a big however - there is no current user at that point. > > CurrentPrincipal is > > a big fat (thin?) null. Makes sense, right? No one has connected. > > > > So you're problem is not that log4net won't let you pass in current > > process > > credentials ... it's that there are none to pass at the time that > > configure() or configureandwatch() are called . Therefore you have > to > > connect as a user, and in turn to do that you need to provide a > > domain and > > password, or use a database id. > > > > The only way I could see for the keepers of log4net to solve this > > problem > > would be to go back and try to re-fetch credentials at the point > you > > log > > events to adoappenders in your code ... or any point after > > application > > startup. Might be possible, dunno. Prolly very expensive in > > performance, > > though, if it's even possible. I'd hafta think about it. > > > > Myself, I'd love it if this were possible, because I've started to > > use > > log4net as more than a debugging and tracing tool, I've made it > part > > of > > *application* logic in certain areas and like you "logged" to > > relational > > databases; saved my clients time and $$$. But this security gotcha > > seems to > > be the price. > > > > Is there hope? > > > > -BillyB > > > > WILLIAM BARNUM > > [EMAIL PROTECTED] >
