Home

Awesome

ELMAH.MVC

Build status Join the chat at https://gitter.im/alexbeletsky/elmah-mvc

For painless integration of ELMAH into ASP.NET MVC application.

What's changed in 2.0 version?

For details, please follow that blog post - ELMAH.MVC v.2.0 - Release Candidate

What's the goal?

With ELMAH.MVC you got nice and clear MVC style routing to ELMAH error page. ELMAH can be accessed by:

http://yourapp.com/elmah

By doing that, you can apply any authorization strategies or routes. In short, no more

http://yourapp.com/elmah.axd

That could be used for ASP.NET session hijacking with Google and ELMAH.

How to use in my application?

Easy. Install ELMAH by NuGet, in package console

Install-Package Elmah.MVC

For further ELMAH configuration please check the documentation.

Should I use HandleErrorAttribute?

If you tried to use ELMAH in ASP.NET MVC, you are probably implemented your own HandleErrorAttribute, as it's shown in this example. You no longer need to apply this custom code with Elmah.MVC. As soon you installed package, so can safely remove your HandleError attribute, since it's already included into package.

Will exceptions be logged in "customError='On'" mode?

Yes, even if you configured application to use custom error pages, the exception will be logged.

How can I configure Elmah.MVC?

There is a simple configuration section in web.config file.

<appSettings>
	<add key="elmah.mvc.disableHandler" value="false" />
	<add key="elmah.mvc.disableHandleErrorFilter" value="false" />
	<add key="elmah.mvc.requiresAuthentication" value="false" />
	<add key="elmah.mvc.IgnoreDefaultRoute" value="false" />
	<add key="elmah.mvc.allowedRoles" value="*" />
	<add key="elmah.mvc.allowedUsers" value="*" />
	<add key="elmah.mvc.route" value="elmah" />
	<add key="elmah.mvc.UserAuthCaseSensitive" value="true" />
</appSettings>

You can either disable handler or apply authentication, based on application roles.

You can also tweek the ELMAH default route. If you just install the package, ELMAH will be availabled at /elmah, howether if you would like to change that, change elmah.mvc.route, this setting is a MVC route prefix, used during ELMAH routes registration. For instance, if you change that to secure/admin/errors you will get ELMAH at http://yourapp.com/secure/admin/errors.

Default route issue

You might change the elmah.mvc.route to a custom one, but still able to see ELMAH reports at /elmah. This issue is caused by the way how ASP.NET MVC matches controllers in separate namespaces. There are no good workaround for that (at least one I know), so if I makes a trouble to you, I recommend to reconsider the application, without using default route.

UPDATE: You might also consider ignoring /elmah route explicitly as described here.

UPDATE 2: @chaoaretasty has added an option, to allow ignoring default role. Set elmah.mvc.IgnoreDefaultRoute setting option to true.

More about authentication

Both allowedRoles and allowedUsers accept a comma-separated list of values. When using Windows Authentication, users are required to have the "DOMAIN\user.name" prefix whereas roles will work with or without the domain prefix.

Note that when authentication is used, users are required to satisfy both the allowedRoles and allowedUsers criteria. That means if you only want to control access by roles, allowedUsers must retain the default "*", and vice versa. When both settings are populated with anything other than "*", a user must be included in the allowedUsers list and be in one of the specified roles to gain access.

Related articles and posts

ELMAH.MVC 2.0.1 Update is Out

ELMAH.MVC v.2.0.0 - Release Candidate

ELMAH.MVC v2.0 is coming

Slides of ELMAH.MVC talk

ELMAH MVC controller released on NuGet

Integrating ELMAH to ASP.NET MVC in right way

Recent changes

Licence

Apache 2.0