1

For some reason i am not able to specify roles that should be allowed access to the error log. No matter what role i enter (i have Admin, Super and Test roles), my app just redirects to the login screen, which is the expected behaviour should i not be authorized. If i choose to allow all roles with the * it works just fine, but allows all roles when i need to restrict it to Super role only.

I have the following in my web.config file which allows access to all roles when they are logged in:

<add key="loginUrl" value="~/Login/" />
<add key="elmah.mvc.disableHandler" value="false" />
<add key="elmah.mvc.disableHandleErrorFilter" value="false" />
<add key="elmah.mvc.requiresAuthentication" value="true" />
<add key="elmah.mvc.allowedRoles" value="*" />
<add key="elmah.mvc.route" value="elmah" />

But when i change the allowedRoles line to:

<add key="elmah.mvc.allowedRoles" value="Super" />

it does not allow access to anyone and just sends them to the login screen.

Any ideas would be greatly appreciated. This is my first attempt at using Elmah, and it seems really good, but i am not that familiar with it yet, so should anyone need any more info to be able to help just ask and i will provide.

EDIT

I have now configured Emlah to use SQL Server to log the errors, not sure if that will make a difference to any potential answers.

Ben
  • 5,525
  • 8
  • 42
  • 66

3 Answers3

1

Have you tried this (from How to secure Elmah.axd?):

<configuration>
  ...
  <location path="elmah.axd">
    <system.web>
      <authorization>
        <allow roles="Administrators"/>
        <deny users="*"/>
      </authorization>
    </system.web>
  </location>
</configuration>
Community
  • 1
  • 1
Kaizen Programmer
  • 3,798
  • 1
  • 14
  • 30
  • I am using the Elmah.Mvc nuget package which doesn't seem to use the .axd file. – Ben May 16 '13 at 14:38
0

I was facing a similar problem when using Elmah 1.2 then I upgraded to Elmah MVC and it worked.

<configuration>
  <configSections>
    <sectionGroup name="elmah">
     <section name="security" requirePermission="false" type="Elmah.SecuritySectionHandler, Elmah" />
     <section name="errorLog" requirePermission="false" type="Elmah.ErrorLogSectionHandler, Elmah" />
     <section name="errorMail" requirePermission="false" type="Elmah.ErrorMailSectionHandler, Elmah" />
     <section name="errorFilter" requirePermission="false" type="Elmah.ErrorFilterSectionHandler, Elmah" />
    </sectionGroup>
  </configSections>

  <appSettings>
    <add key="elmah.mvc.disableHandler" value="false" />
    <add key="elmah.mvc.disableHandleErrorFilter" value="false" />
    <add key="elmah.mvc.requiresAuthentication" value="false" />
    <add key="elmah.mvc.allowedRoles" value="CKAdmin" />
    <add key="elmah.mvc.route" value="elmah" />
  </appSettings>

  <system.web>
    <httpModules>
      <add name="ErrorLog" type="Elmah.ErrorLogModule, Elmah" />
      <add name="ErrorMail" type="Elmah.ErrorMailModule, Elmah" />
      <add name="ErrorFilter" type="Elmah.ErrorFilterModule, Elmah" />
    </httpModules>
  </system.web>

  <system.webServer>
     <validation validateIntegratedModeConfiguration="false" />
       <modules runAllManagedModulesForAllRequests="true">
         <add name="ErrorLog" type="Elmah.ErrorLogModule, Elmah" preCondition="managedHandler" />
         <add name="ErrorMail" type="Elmah.ErrorMailModule, Elmah" preCondition="managedHandler" />
         <add name="ErrorFilter" type="Elmah.ErrorFilterModule, Elmah" preCondition="managedHandler" />
       </modules>
  </system.webServer>

  <elmah>
    <security allowRemoteAccess="false" />
    <errorLog type="Elmah.XmlFileErrorLog, Elmah" logPath="D:\\ELMAH" />
  </elmah>
</configuration>
Deependra Singh
  • 161
  • 2
  • 8
0

You are supposed to make the following changes:

<appSettings>
 ......
<add key="elmah.mvc.allowedRoles" value="*" />
<add key="elmah.mvc.allowedUsers" value="Super" />
</appSettings>
Sumedha Vangury
  • 643
  • 2
  • 17
  • 43