For an ASP.NET MVC 4 app I am using Elmah.MVC 2.0.1 to log errors.
I installed Elmah.MVC using NuGet. It works fine.
The Elmah.MVC package installs no controller or area, so I can see no obvious way to apply security via Authorize attributes, as is recommended for ASP.NET MVC.
I only want users in the Admin role to be able to view the Elmah page.
How do I do this?
You can view the logging information in folder App_Data/Sitefinity/Logs. For more information about the Enterprise Library, see The Logging Application Block on the MSDN. ELMAH logs the following: ErrorLog.
Build the application, run it in the browser, and navigate to http://www.yoursite.com/elmah.axd. You are prompted to log in before you see the content. After a successful authentication, you see a web page to remotely view the entire log of recorded exceptions.
Ouch!
Just found the answer;
Elmah MVC 2.0.1 NuGet package adds the following into <appSettings>
(in web.config):
<add key="elmah.mvc.requiresAuthentication" value="false" />
<add key="elmah.mvc.allowedRoles" value="*" />
To achieve what I want simply:
<add key="elmah.mvc.requiresAuthentication" value="true" />
<add key="elmah.mvc.allowedRoles" value="Admin" />
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With