security newsgroups
Custom principals and DnsPermission.Demand()

"andrew lowe" <andrew.lowe###a-t###geac.com> wrote in message news:euflmDBNFHA.2252@TK2MSFTNGP15.phx.gbl...

Hi

We have a Windows application and have created our own custom principal & identity objects that implement IPrincipal and IIdentity. When a user logs into our system we set the thread's principal to our custom principal object by calling Thread.CurrentPrincipal = blah. This all works great for role-based security. BUT let's say I want to run one line of code which causes an imperative security demand:

    Dns.GetHostName();

CAS will now throw security exceptions when we try to run code that demands permissions. I thought the following code might be a workaround:

    IPrincipal currentPrincipal = Thread.CurrentPrincipal;
    try
    {
        Thread.CurrentPrincipal = new WindowsPrincipal(WindowsIdentity.GetCurrent());
        Dns.GetHostName();
    }
    finally
    {
        Thread.CurrentPrincipal = currentPrincipal;
    }

But alas the DnsPermission.Demand() still throws a security exception. I think the following article and quote might explain why: http://support.microsoft.com/default.aspx?scid=kb;en-us;318169

"Imperative security uses code that is executed at run time to enforce security. At run time, when a Demand method is called from an Identity Permission class, the call stack is evaluated to verify the code. If there is a point in the call stack where assemblies that were previously called do not have the same identity as the code, exceptions are thrown."

So, I wish to use a lot of classes that have security demands in them, but if I use my own principal objects I can no longer use them. It seems to be a wee bit of a conundrum. Anyone have any thoughts besides

tia
andrew


"Joe Kaplan (MVP - ADSI)" <joseph.e.kap***@removethis.accenture.com> wrote in message news:uqvnuRINFHA.1392@TK2MSFTNGP10.phx.gbl...

I think there is some confusion here regarding how CAS works. CAS does not make security decisions based on who the current user is. CAS makes security decisions based on the permissions granted to the actual code. This is done at the assembly level and is based on evidence provided by the assembly about what it is and where it came from.

Thus, changing the current IPrincipal on the thread won't affect what CAS is doing.

So, it seems to me that you need to figure out why the code you are executing doesn't have DNS permissions and then figure out how to ensure that it has the permissions it needs.

Joe K.


"andrew lowe" <andrew.lowe###a-t###geac.com> wrote in message news:OAZLyIONFHA.3704@TK2MSFTNGP12.phx.gbl...

Joe,

Thanks for your reply. The problem is that if I put a call to Dns.GetHostByName() in the constructor of my main form it works; however, in another class which resides in another assembly the same call fails. All assemblies have the attribute

    [assembly: DnsPermission(SecurityAction.RequestMinimum, Unrestricted=true)]

I've tried stripping the project down but can't seem to find a way to replicate what I am experiencing.

bugger.....


"Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com> wrote in message news:%23wDQEFTNFHA.3420@tk2msftngp13.phx.gbl...

> The problem is that if I put a call to Dns.GetHostByName() in the
> constructor of my main form it works, however in another class which
> resides in another assembly the same call fails. All assemblies have the
> attribute
>
> [assembly: DnsPermission(SecurityAction.RequestMinimum,
> Unrestricted=true)]
<snip>

Under normal circumstances, a demand will walk the entire call stack. The demand could be failing because some other assembly on the call stack doesn't possess DNS permission even if your assembly does. If you want to see the entire call chain at the time of the exception, take a look at the output from the exception's ToString method. My guess would be that one of the other callers either lacks the permission (likely) or is inserting a Deny or PermitOnly stack walk modifier (somewhat less likely). If you need help interpreting the exception information, please post the entire ToString output here.


"andrew lowe" <andrew.lowe###a-t###geac.com> wrote:

> Under normal circumstances, a demand will walk the entire call stack. The
> demand could be failing because some other assembly on the call stack
> doesn't possess DNS permission even if your assembly does.
<snip>

Brilliant! You were right, not all of the assemblies on the call stack possessed the DNS permission. Thank you for your help guys.

andrew
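An added illustration (not code from the thread) of the two points made above: Joe's, that swapping Thread.CurrentPrincipal has no effect on a CAS Demand, and Nicole's, that the Demand walks every frame of the call stack and fails as soon as one frame lacks the permission or carries a PermitOnly/Deny modifier. It assumes .NET Framework (CAS does not exist on .NET Core or .NET 5+) and uses a PermitOnly in a caller frame to stand in for an assembly that was never granted DnsPermission.

```csharp
using System;
using System.Net;
using System.Security;
using System.Security.Permissions;
using System.Security.Principal;
using System.Threading;

// Added demo, not from the thread. Assumes .NET Framework; CAS is absent on .NET Core / .NET 5+.
class CasStackWalkDemo
{
    // Every frame on the stack holds DnsPermission here, so the Demand inside GetHostName passes.
    static string ResolveHostName()
    {
        return Dns.GetHostName();
    }

    // Stands in for a caller assembly without DnsPermission: PermitOnly limits this frame to
    // Execution only, so the stack walk started by Dns.GetHostName() stops and fails here.
    static string ResolveHostNameViaRestrictedCaller()
    {
        new SecurityPermission(SecurityPermissionFlag.Execution).PermitOnly();
        try
        {
            return ResolveHostName();
        }
        finally
        {
            CodeAccessPermission.RevertPermitOnly();
        }
    }

    static void Main()
    {
        // The workaround tried in the original post: run the call as the Windows principal.
        IPrincipal saved = Thread.CurrentPrincipal;
        Thread.CurrentPrincipal = new WindowsPrincipal(WindowsIdentity.GetCurrent());
        try
        {
            Console.WriteLine("Direct call: " + ResolveHostName());                  // succeeds
            Console.WriteLine("Via restricted caller: " + ResolveHostNameViaRestrictedCaller());
        }
        catch (SecurityException ex)
        {
            // The principal swap changed nothing: the grant set of each frame decides the outcome.
            // ToString() names the failed permission and the call chain, as Nicole suggests reading.
            Console.WriteLine(ex.ToString());
        }
        finally
        {
            Thread.CurrentPrincipal = saved;
        }
    }
}
```

Reading the SecurityException's ToString output is the same diagnostic step that led andrew to the assembly on his stack that lacked the permission.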