According to this post: http://tinyurl.com/ar376 http://www.mygenerationsoftware.com/phpbb2/viewtopic.php?p=3563#3563
" No, actually the thread that is running your global.asax code is not a thread from the thread pool " Do other database drivers like the MySql Connector or the Postgres .NET drivers support integrated authentication? Maybe their code would shed some light on the matter. --- Billy Barnum <[EMAIL PROTECTED]> wrote: > Not that I'm an ASP.NET expert at all (believe me!), but this ain't > gonna > work either. You don't have an ApplicationInstance yet in > Application_Start(), so you can't do much of anything. You could do > the work > in Session_Start(), but then you're back to the performance thing > again. > You're also faced with the fact that the process identity there is > the > ASPNET identity, not that of the anonymous user. This is what that > fellow > Colin was talking about; I didn't get it myself 'til now (sorry for > all > those wasted words, Colin). > > I wonder how ADO.NET connection objects grab that anonymous id? > That's what > we need. > > WILLIAM BARNUM > [EMAIL PROTECTED] > > > -----Original Message----- > From: Ron Grabowski [mailto:[EMAIL PROTECTED] > Sent: Tuesday, November 29, 2005 9:53 PM > To: Log4NET User > Subject: RE: How to pass integrated security credentials to > AdoNetAppender > from ASP.NET? > > If you're going to call Configure from Application_Start, you should > always have access to the current HttpContext which means you may be > able to wire up the event like this: > > // ??? > HttpContext.Current.ApplicationInstance.BeginRequest += > new EventHandler(this.OnPreRequestHandlerExecute); > > --- Ron Grabowski <[EMAIL PROTECTED]> wrote: > > > Do you think passing in the current process' credentials as soon as > > they are available would solve the problem? > > > > I made a static event on Global called PreRequestHandlerExecute > that > > gets fired inside of Application_PreRequestHandlerExecute. This > > appender subscribes to the event and executes code the first time > the > > PreRequestHandlerExecute event is fired. It then unsubscribes > itself > > from the event. > > > > // untested > > public class AspNetSecurityContextAdoNetAppender : AdoNetAppender > > { > > public override void ActivateOptions() > > { > > Global.PreRequestHandlerExecute += > > new EventHandler(this.OnPreRequestHandlerExecute); > > base.ActivateOptions(); > > } > > private void OnPreRequestHandlerExecute(object s, EventArgs e) > > { > > WindowsSecurityContext context = new WindowsSecurityContext(); > > context.Credentials = > > WindowsSecurityContext.ImpersonationMode.Process; > > context.ActivateOptions(); > > SecurityContext = context; > > > > // System.Delegate.Remove ??? > > Global.PreRequestHandlerExecute -= > > new EventHandler(this.OnPreRequestHandlerExecute); > > } > > } > > > > --- Billy Barnum <[EMAIL PROTECTED]> wrote: > > > > > Ah. I see now. I'm afraid you're S.O.L., Colin. (Unless someone > > else > > > out > > > there has a better idea?) > > > > > > You see, you need to be calling that configureandwatch() or > > > configure() only > > > once per application "session", yes? And for ASP.NET, that point > is > > > Application_Start(), when the web site is brought up. However - > > and > > > this is > > > a big however - there is no current user at that point. > > > CurrentPrincipal is > > > a big fat (thin?) null. Makes sense, right? No one has connected. > > > > > > > So you're problem is not that log4net won't let you pass in > current > > > process > > > credentials ... it's that there are none to pass at the time that > > > configure() or configureandwatch() are called . Therefore you > have > > to > > > connect as a user, and in turn to do that you need to provide a > > > domain and > > > password, or use a database id. > > > > > > The only way I could see for the keepers of log4net to solve this > > > problem > > > would be to go back and try to re-fetch credentials at the point > > you > > > log > > > events to adoappenders in your code ... or any point after > > > application > > > startup. Might be possible, dunno. Prolly very expensive in > > > performance, > > > though, if it's even possible. I'd hafta think about it. > > > > > > Myself, I'd love it if this were possible, because I've started > to > > > use > > > log4net as more than a debugging and tracing tool, I've made it > > part > > > of > > > *application* logic in certain areas and like you "logged" to > > > relational > > > databases; saved my clients time and $$$. But this security > gotcha > > > seems to > > > be the price. > > > > > > Is there hope? > > > > > > -BillyB > > > > > > WILLIAM BARNUM > > > [EMAIL PROTECTED] > > > >
