Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / cdf / src / WCF / System.ServiceModel.Activation / System / ServiceModel / Activation / AspNetPartialTrustHelpers.cs / 1305376 / AspNetPartialTrustHelpers.cs
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------
namespace System.ServiceModel
{
using System.Runtime;
using System.Security;
using System.Security.Permissions;
using System.Threading;
using System.Web;
static class AspNetPartialTrustHelpers
{
[Fx.Tag.SecurityNote(Critical = "Caches the PermissionSet associated with the asp.net trust level."
+ "This will not change over the life of the AppDomain.")]
[SecurityCritical]
static SecurityContext aspNetSecurityContext;
[Fx.Tag.SecurityNote(Critical = "If erroneously set to true, could bypass the PermitOnly.")]
[SecurityCritical]
static bool isInitialized;
[Fx.Tag.SecurityNote(Miscellaneous = "RequiresReview - determines if the given PermissionSet is full trust."
+ "We will base subsequent security decisions on this.")]
static bool IsFullTrust(PermissionSet perms)
{
return perms == null || perms.IsUnrestricted();
}
internal static bool NeedPartialTrustInvoke
{
[Fx.Tag.SecurityNote(Critical = "Makes a security sensitive decision, updates aspNetSecurityContext and isInitialized.",
Safe = "Ok to know whether the ASP app is partial trust.")]
[SecuritySafeCritical]
get
{
if (!isInitialized)
{
NamedPermissionSet aspNetPermissionSet = GetHttpRuntimeNamedPermissionSet();
if (!IsFullTrust(aspNetPermissionSet))
{
try
{
aspNetPermissionSet.PermitOnly();
aspNetSecurityContext = System.Runtime.PartialTrustHelpers.CaptureSecurityContextNoIdentityFlow();
}
finally
{
CodeAccessPermission.RevertPermitOnly();
}
}
isInitialized = true;
}
return aspNetSecurityContext != null;
}
}
[Fx.Tag.SecurityNote(Critical = "Asserts AspNetHostingPermission.")]
[SecurityCritical]
[AspNetHostingPermission(SecurityAction.Assert, Level=AspNetHostingPermissionLevel.Unrestricted)]
static NamedPermissionSet GetHttpRuntimeNamedPermissionSet()
{
return HttpRuntime.GetNamedPermissionSet();
}
[Fx.Tag.SecurityNote(Critical = "Touches aspNetSecurityContext.",
Safe = "Ok to invoke the user's delegate under the PT context.")]
[SecuritySafeCritical]
internal static void PartialTrustInvoke(ContextCallback callback, object state)
{
if (NeedPartialTrustInvoke)
{
SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state);
}
else
{
callback(state);
}
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------
namespace System.ServiceModel
{
using System.Runtime;
using System.Security;
using System.Security.Permissions;
using System.Threading;
using System.Web;
static class AspNetPartialTrustHelpers
{
[Fx.Tag.SecurityNote(Critical = "Caches the PermissionSet associated with the asp.net trust level."
+ "This will not change over the life of the AppDomain.")]
[SecurityCritical]
static SecurityContext aspNetSecurityContext;
[Fx.Tag.SecurityNote(Critical = "If erroneously set to true, could bypass the PermitOnly.")]
[SecurityCritical]
static bool isInitialized;
[Fx.Tag.SecurityNote(Miscellaneous = "RequiresReview - determines if the given PermissionSet is full trust."
+ "We will base subsequent security decisions on this.")]
static bool IsFullTrust(PermissionSet perms)
{
return perms == null || perms.IsUnrestricted();
}
internal static bool NeedPartialTrustInvoke
{
[Fx.Tag.SecurityNote(Critical = "Makes a security sensitive decision, updates aspNetSecurityContext and isInitialized.",
Safe = "Ok to know whether the ASP app is partial trust.")]
[SecuritySafeCritical]
get
{
if (!isInitialized)
{
NamedPermissionSet aspNetPermissionSet = GetHttpRuntimeNamedPermissionSet();
if (!IsFullTrust(aspNetPermissionSet))
{
try
{
aspNetPermissionSet.PermitOnly();
aspNetSecurityContext = System.Runtime.PartialTrustHelpers.CaptureSecurityContextNoIdentityFlow();
}
finally
{
CodeAccessPermission.RevertPermitOnly();
}
}
isInitialized = true;
}
return aspNetSecurityContext != null;
}
}
[Fx.Tag.SecurityNote(Critical = "Asserts AspNetHostingPermission.")]
[SecurityCritical]
[AspNetHostingPermission(SecurityAction.Assert, Level=AspNetHostingPermissionLevel.Unrestricted)]
static NamedPermissionSet GetHttpRuntimeNamedPermissionSet()
{
return HttpRuntime.GetNamedPermissionSet();
}
[Fx.Tag.SecurityNote(Critical = "Touches aspNetSecurityContext.",
Safe = "Ok to invoke the user's delegate under the PT context.")]
[SecuritySafeCritical]
internal static void PartialTrustInvoke(ContextCallback callback, object state)
{
if (NeedPartialTrustInvoke)
{
SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state);
}
else
{
callback(state);
}
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ConfigsHelper.cs
- GraphicsPathIterator.cs
- QilInvokeLateBound.cs
- SqlDataSourceCommandParser.cs
- NetworkInformationPermission.cs
- XsltArgumentList.cs
- ExpandCollapseProviderWrapper.cs
- SettingsSection.cs
- NumericUpDownAcceleration.cs
- ButtonChrome.cs
- ProfileSettingsCollection.cs
- LinqDataSourceView.cs
- ValidatorAttribute.cs
- BitmapImage.cs
- NamespaceMapping.cs
- OperationResponse.cs
- SubclassTypeValidatorAttribute.cs
- storepermissionattribute.cs
- SiteMembershipCondition.cs
- NamespaceInfo.cs
- RefExpr.cs
- XmlQueryTypeFactory.cs
- TextTreeTextNode.cs
- ElementUtil.cs
- TraceHandler.cs
- DataView.cs
- Trace.cs
- HtmlSelectionListAdapter.cs
- PrintPageEvent.cs
- StoreContentChangedEventArgs.cs
- FileDialog.cs
- BamlStream.cs
- PrinterResolution.cs
- WebPartEditorCancelVerb.cs
- ExtendedProtectionPolicyElement.cs
- ReadOnlyPropertyMetadata.cs
- WebPartCatalogAddVerb.cs
- EntityObject.cs
- ByteStack.cs
- PtsCache.cs
- SettingsProperty.cs
- ObjectIDGenerator.cs
- DataTableReaderListener.cs
- RotateTransform3D.cs
- TextSpan.cs
- Cursors.cs
- MexNamedPipeBindingElement.cs
- DecoderReplacementFallback.cs
- RecognizerInfo.cs
- NegationPusher.cs
- ResourceKey.cs
- CodeDefaultValueExpression.cs
- dataprotectionpermissionattribute.cs
- SimpleTypeResolver.cs
- coordinator.cs
- IPGlobalProperties.cs
- ResourceWriter.cs
- RepeatButtonAutomationPeer.cs
- ProxyWebPart.cs
- TransactionProxy.cs
- CompilationPass2Task.cs
- EncodingTable.cs
- DispatcherTimer.cs
- safex509handles.cs
- TdsParserSafeHandles.cs
- BindStream.cs
- InlineUIContainer.cs
- SequenceDesigner.cs
- ItemsPanelTemplate.cs
- LinearKeyFrames.cs
- SafeNativeMethods.cs
- TripleDESCryptoServiceProvider.cs
- TextViewBase.cs
- DateTimeFormatInfo.cs
- RuntimeConfigLKG.cs
- MappingException.cs
- PathNode.cs
- InternalDuplexBindingElement.cs
- ColorIndependentAnimationStorage.cs
- PointAnimation.cs
- DateTimeFormat.cs
- X509ImageLogo.cs
- FamilyMapCollection.cs
- TimerElapsedEvenArgs.cs
- DataSourceSelectArguments.cs
- CommandBinding.cs
- Cursors.cs
- GridItemPatternIdentifiers.cs
- LateBoundBitmapDecoder.cs
- ImageField.cs
- MetadataItem.cs
- GridViewColumnCollectionChangedEventArgs.cs
- ArraySegment.cs
- _FtpControlStream.cs
- TagMapCollection.cs
- Preprocessor.cs
- TaskHelper.cs
- MoveSizeWinEventHandler.cs
- ToolStripItemEventArgs.cs
- SelectQueryOperator.cs