log4net - 附加程序在 IIS7.5 中不起作用
我可以使用 log4net 和 Cassini/IIS 开发服务器写入日志文件,但是当我使用 IIS7.5 时,我无法写入文件。
最初,我遇到了安全异常,因此我添加了 requirePermission="false"
并且异常消失了,但没有创建文件。
根据 IISM,信任级别为“满”。
我无法在我自己的机器上运行它,我想知道当我转移到 ISP (discountASP) 时会发生什么。
这是 log4net 设置:
<configSections>
<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler, log4net" requirePermission="false" />
</configSections>
<log4net>
<appender name="FileAppender" type="log4net.Appender.FileAppender">
<file value="log-file.txt" />
<appendToFile value="true" />
<encoding value="utf-8" />
<layout type="log4net.Layout.SimpleLayout" />
</appender>
<root>
<level value="DEBUG" />
<appender-ref ref="FileAppender" />
</root>
</log4net>
C#
log4net.Config.XmlConfigurator.Configure();
ILog Log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
Log.Info("This is a test");
有任何线索吗?
ASP.NET 3.5、VS2008、Windows 7、IIS7.5、log4net 1.2.10
编辑:
我使用了在 Cassini 中运行的测试 Web 应用程序,并在 IIS7.5 中运行它,它工作正常,所以有一些东西特定于我的 Web 应用程序,该应用程序阻止 log4net 运行。有 其中发生了很多事情,ELMAH、输出缓存、AJAX 控制工具包、表单身份验证、ssl、url 重写等...除了将其中每一个添加到测试应用程序之外,是否有更好的方法来找出导致 log4net 的原因去工作?
更新:
我使用 AdoNetAppender 来避免文件权限问题,但仍然得到相同的结果。 AdoNetAppender 适用于在 Cassini 和 IIS 上运行的测试应用程序,但它不适用于我的 Web 应用程序。得到以下异常:
System.Security.SecurityException:请求“System.Configuration.ConfigurationPermission、System.Configuration...”类型的权限失败。
更新2: 我错误地认为测试 webapp fileAppender 在 IIS7.5 中工作。发生的情况是这样的:测试 webapp fileAppender 和 AdoDotNetAppender 都可以在 Cassini/IIS dev 中工作,但不能在 IIS7.5 中工作。所以我认为问题出在 IIS 上,而不是我的 web 应用程序。
笔记。我以管理员身份运行 VS2008,但以非管理员身份登录 Windows 7。另外,我运行的是 Windows 7 家庭高级版,而不是专业版。
我授予 NETWORK SERVICE 对 Web 根目录的完全权限,但仍然没有创建文件。还给了所有人完全权限,没有文件。
由于 adoDotNetAppender 也不起作用(但在开发 IIS 中起作用),我认为除了文件权限之外可能还存在另一个问题。
更新3:
我让它适用于IIS7上的FileAppender。如果我添加这个:
<identity impersonate="true"
userName="zzz"
password="yyy" />
并且如果用户是管理员,它就可以工作。如果是我,而不是管理员,则不会。所以这是一个权限问题。但我确实授予了每个人对之前写入文件的目录的权限,但它不起作用,因此在其他地方有一个权限设置。另外,虽然 FileAppender 现在可以进行模拟,但 AdoNetAppender 在 IIS7 中仍然无法使用。我尝试添加:
<securityContext type="log4net.Util.WindowsSecurityContext">
<userName value="zzz" />
<password value="yyy" />
<domain value="aaa" />
</securityContext>
到 AdoNetAppender 部分,但仍然失败。
我为任何可以帮助我让 AdoNetAppender 与 IIS7.5 一起工作的人添加了赏金。
更新 4:
我终于掌握了堆栈跟踪。情况如下:
log4net:ERROR [AdoNetAppender] Failed in DoAppend
System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
at log4net.Util.LogicalThreadContextProperties.GetProperties(Boolean create)
at log4net.Core.LoggingEvent.CreateCompositeProperties()
at log4net.Core.LoggingEvent.CacheProperties()
at log4net.Core.LoggingEvent.FixVolatileData(FixFlags flags)
at log4net.Core.LoggingEvent.set_Fix(FixFlags value)
at log4net.Appender.BufferingAppenderSkeleton.Append(LoggingEvent loggingEvent)
at log4net.Appender.AppenderSkeleton.DoAppend(LoggingEvent loggingEvent)
The action that failed was:
LinkDemand
The type of the first permission that failed was:
System.Security.Permissions.SecurityPermission
The Zone of the assembly that failed was:
MyComputer
我打开了 SQL Profiler,但没有任何内容到达 SQL Server。此外,SQL Server 帐户具有执行插入操作的适当权限。另外,我删除了 SecurityContext 部分,因为 log4net 无法识别其中的一部分。
I am able to write to a log file using log4net and Cassini/IIS dev server, but when I use IIS7.5, I can't write out to a file.
Initially, I got a security exception, so I added requirePermission="false"
and the exception went away but no file was created.
The trust level is full according to IISM.
I can't get this working on my own machine, I'm wondering what's going to happen when I transfer to an ISP (discountASP).
Here's the log4net setup:
<configSections>
<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler, log4net" requirePermission="false" />
</configSections>
<log4net>
<appender name="FileAppender" type="log4net.Appender.FileAppender">
<file value="log-file.txt" />
<appendToFile value="true" />
<encoding value="utf-8" />
<layout type="log4net.Layout.SimpleLayout" />
</appender>
<root>
<level value="DEBUG" />
<appender-ref ref="FileAppender" />
</root>
</log4net>
C#
log4net.Config.XmlConfigurator.Configure();
ILog Log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
Log.Info("This is a test");
Any clues?
ASP.NET 3.5, VS2008, Windows 7, IIS7.5, log4net 1.2.10
EDIT:
I used the test web app that ran in Cassini and ran it in IIS7.5 and it worked so there's something specific to my web application that's preventing log4net from running. There's
alot going on in it, ELMAH, output caching, AJAX Control Toolkit, forms authentication, ssl, url rewriting, etc... Other than adding each of those on to the test app, is there a better way to figure out what's causing log4net to work?
UPDATE:
I used the AdoNetAppender to stay away from the file permission problems and am still getting the same result. The AdoNetAppender works for the test app running on Cassini and IIS, but it doesn't work on my web app. Getting the following exception:
System.Security.SecurityException: Request for the permission of type 'System.Configuration.ConfigurationPermission, System.Configuration...' failed.
UPDATE 2:
I was mistaken that the test webapp fileAppender worked in IIS7.5. This is what happens: The test webapp fileAppender and AdoDotNetAppender both work in Cassini/IIS dev, but not in IIS7.5. So I think it's IIS that's the problem, not my webapp.
Note. I am running VS2008 as Admin, but am logged into Windows 7 as a nonAdmin. Also, I'm running Windows 7 Home Premium, not Professional.
I granted NETWORK SERVICE full permission to the web root directory and still no file created. Also gave EVERYONE full permission, no file.
Since the adoDotNetAppender didn't work either (but did in dev IIS), I think there may be another issue in addition to the file permissions.
UPDATE 3:
I got it to work for the FileAppender on IIS7. If I add this:
<identity impersonate="true"
userName="zzz"
password="yyy" />
and if the user is an admin, it works. If it's me, not an admin, it doesn't. So it's a permissions issue. But I did grant EVERYONE rights to the directory the file is written to before and it didn't work, so there's a permission setting elsewhere. Also, while the FileAppender now works with the impersonation, the AdoNetAppender stil doesn't in IIS7. I tried adding:
<securityContext type="log4net.Util.WindowsSecurityContext">
<userName value="zzz" />
<password value="yyy" />
<domain value="aaa" />
</securityContext>
to the AdoNetAppender section, but still getting silent fail.
I added a bounty for anyone who can help me get the AdoNetAppender working with IIS7.5.
UPDATE 4:
I finally got a hold of the stack trace. Here it is:
log4net:ERROR [AdoNetAppender] Failed in DoAppend
System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
at log4net.Util.LogicalThreadContextProperties.GetProperties(Boolean create)
at log4net.Core.LoggingEvent.CreateCompositeProperties()
at log4net.Core.LoggingEvent.CacheProperties()
at log4net.Core.LoggingEvent.FixVolatileData(FixFlags flags)
at log4net.Core.LoggingEvent.set_Fix(FixFlags value)
at log4net.Appender.BufferingAppenderSkeleton.Append(LoggingEvent loggingEvent)
at log4net.Appender.AppenderSkeleton.DoAppend(LoggingEvent loggingEvent)
The action that failed was:
LinkDemand
The type of the first permission that failed was:
System.Security.Permissions.SecurityPermission
The Zone of the assembly that failed was:
MyComputer
I had the SQL Profiler on and nothing made it to SQL Server. Also, the SQL Server account has the proper privileges to do the insert. Also, I removed the SecurityContext section as log4net did not recognize part of it.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(7)
给这些iis用户完全的权利。
Give full right to these iis users.
尝试授予 IIS AppPool\DefaultAppPool 用户对日志目录的完全权限。这至少帮助过我一次。
Try giving IIS AppPool\DefaultAppPool user full permission to the log directory. That has helped me at least once.
我也有同样的问题。我通过更改 IIS 7 配置解决了这个问题。相当简单...
转到应用程序池高级设置并将“加载用户配置文件”设置为 true!然后确保 IUSR(IIS 用户)有权写入日志路径。
此外,通常我会添加对 32 位应用程序的支持,当您从第三方下载和使用程序集时,这非常有用,因为您不知道它们是针对 32 位、64 位还是独立编译的。
我通过阅读这篇文章发现了这一点:http://learn.iis。 net/page.aspx/624/application-pool-identities/
最诚挚的问候,
蒂亚戈.
I had this same problem. I solved it by changing the IIS 7 configuration. Rather easy...
Go to the application pool advanced settings and set "Load User Profile" to true! Then make sure that IUSR (IIS user) have permission to write to the logs path.
Additionally, usually, I add support for 32 bit applications, this is useful when you download and use assemblies from 3rd parties, where you don't know if they were complied for 32, 64 or independent.
I found this by reading this article: http://learn.iis.net/page.aspx/624/application-pool-identities/
Best regards,
Tiago.
您是否进入 Windows 资源管理器并检查正确的用户(网络服务?)是否具有写入权限?
Did you go into windows explorer and check the correct users (NETWORK SERVICE ?) have write permissions?
使用进程监视器等工具来监视 IIS 进程。我怀疑它正在尝试在 IIS 帐户无权访问的目录中创建日志文件。
在该测试之后,指定您知道 IIS 进程可以访问的日志文件的绝对路径。
Use a tool like Process Monitor and spy on the IIS process. I suspect it is trying to create the log file in a directory the IIS account has no access to.
Following on from that test, specify an absolute path to the log file that you know the IIS process has access to.
我终于让它工作了,我添加
到了system.web。
对于中等,AdoNetAppender 停止工作,但 FileAppender 仍然适用于中等和高。
I finally got it working, i added
to system.web.
With medium, the AdoNetAppender stops working, but the FileAppender still works for medium and high.
您可以通过将
log4net.Internal.Debug
键添加到应用程序配置文件来启用 log4net 内部调试。这会将调试消息写入控制台和 System.Diagnostics.Trace系统。然后,您可以通过向配置文件添加跟踪侦听器来将这些消息记录到文本文件中。确保应用程序有权写入该文件。
或者,跟踪消息也会写入系统调试器,因此您可以使用 等实用程序DebugView 来捕获消息。有关更多详细信息,请参阅 log4Net 常见问题解答。
You can enable log4net internal debugging by adding the key
log4net.Internal.Debug
to your application configuration file.This will write debug messages to the console and the System.Diagnostics.Trace system. You can then log these messages to a text file by adding a trace listener to you configuration file. Make sure the application has permission to write to the file.
Alternatively, trace messages are also written to the system debugger, so you can use a utility like DebugView to capture the messages. See the log4Net FAQ for more details.