log4net throwing Security Exception in ASP.Net MVC web application

Question

I have written 3 ASP.net MVC web applications, and all are deployed on shared hosting servers with my ISP.

All 3 applications are very similar in configuration and s

Answer 1

So it turns out that the reason for the above SecurityException is 3-fold

• my ISP has ASP.net configured to run in medium trust mode on it's newer servers, and full trust mode on its older servers. My Web Applications are split between these 2 servers, which is why I am getting different behaviour between the applications even though they are configured exactly the same

• I am using log4net for error logging, and in my Global.asax file, I have the following:

  protected void Application_Start()
  {
      RegisterRoutes(RouteTable.Routes);
      log4net.Config.XmlConfigurator.Configure();
      log.Debug("Logging Initialized.");
  }
  

  This line - log4net.Config.XmlConfigurator.Configure(); is what is throwing the above exception. It only happens once when the application is started, or restarted if they web.config is modified. That is why I couldn't figure out where the problem was coming from.

• I had to add a requirePermission="false" to the log4net configSection in the web.config:

  <section name="log4net" requirePermission="false" type="log4net.Config.Log4NetConfigurationSectionHandler, log4net"/>
  

Now if I was developing in medium trust mode, I would have picked these problems up. You can force your app to run in medium trust mode by adding the following to my web.config:

  <system.web>
     <trust level="Medium"/>
  </system.web>

By forcing my app to run in medium trust mode, I picked up the source exception in dev exactly where it originated, and figured out what was wrong from there on..