Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / cdf / src / WCF / System.ServiceModel.Activation / System / ServiceModel / Activation / AspNetPartialTrustHelpers.cs / 1305376 / AspNetPartialTrustHelpers.cs
//------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.ServiceModel { using System.Runtime; using System.Security; using System.Security.Permissions; using System.Threading; using System.Web; static class AspNetPartialTrustHelpers { [Fx.Tag.SecurityNote(Critical = "Caches the PermissionSet associated with the asp.net trust level." + "This will not change over the life of the AppDomain.")] [SecurityCritical] static SecurityContext aspNetSecurityContext; [Fx.Tag.SecurityNote(Critical = "If erroneously set to true, could bypass the PermitOnly.")] [SecurityCritical] static bool isInitialized; [Fx.Tag.SecurityNote(Miscellaneous = "RequiresReview - determines if the given PermissionSet is full trust." + "We will base subsequent security decisions on this.")] static bool IsFullTrust(PermissionSet perms) { return perms == null || perms.IsUnrestricted(); } internal static bool NeedPartialTrustInvoke { [Fx.Tag.SecurityNote(Critical = "Makes a security sensitive decision, updates aspNetSecurityContext and isInitialized.", Safe = "Ok to know whether the ASP app is partial trust.")] [SecuritySafeCritical] get { if (!isInitialized) { NamedPermissionSet aspNetPermissionSet = GetHttpRuntimeNamedPermissionSet(); if (!IsFullTrust(aspNetPermissionSet)) { try { aspNetPermissionSet.PermitOnly(); aspNetSecurityContext = System.Runtime.PartialTrustHelpers.CaptureSecurityContextNoIdentityFlow(); } finally { CodeAccessPermission.RevertPermitOnly(); } } isInitialized = true; } return aspNetSecurityContext != null; } } [Fx.Tag.SecurityNote(Critical = "Asserts AspNetHostingPermission.")] [SecurityCritical] [AspNetHostingPermission(SecurityAction.Assert, Level=AspNetHostingPermissionLevel.Unrestricted)] static NamedPermissionSet GetHttpRuntimeNamedPermissionSet() { return HttpRuntime.GetNamedPermissionSet(); } [Fx.Tag.SecurityNote(Critical = "Touches aspNetSecurityContext.", Safe = "Ok to invoke the user's delegate under the PT context.")] [SecuritySafeCritical] internal static void PartialTrustInvoke(ContextCallback callback, object state) { if (NeedPartialTrustInvoke) { SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state); } else { callback(state); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. //------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.ServiceModel { using System.Runtime; using System.Security; using System.Security.Permissions; using System.Threading; using System.Web; static class AspNetPartialTrustHelpers { [Fx.Tag.SecurityNote(Critical = "Caches the PermissionSet associated with the asp.net trust level." + "This will not change over the life of the AppDomain.")] [SecurityCritical] static SecurityContext aspNetSecurityContext; [Fx.Tag.SecurityNote(Critical = "If erroneously set to true, could bypass the PermitOnly.")] [SecurityCritical] static bool isInitialized; [Fx.Tag.SecurityNote(Miscellaneous = "RequiresReview - determines if the given PermissionSet is full trust." + "We will base subsequent security decisions on this.")] static bool IsFullTrust(PermissionSet perms) { return perms == null || perms.IsUnrestricted(); } internal static bool NeedPartialTrustInvoke { [Fx.Tag.SecurityNote(Critical = "Makes a security sensitive decision, updates aspNetSecurityContext and isInitialized.", Safe = "Ok to know whether the ASP app is partial trust.")] [SecuritySafeCritical] get { if (!isInitialized) { NamedPermissionSet aspNetPermissionSet = GetHttpRuntimeNamedPermissionSet(); if (!IsFullTrust(aspNetPermissionSet)) { try { aspNetPermissionSet.PermitOnly(); aspNetSecurityContext = System.Runtime.PartialTrustHelpers.CaptureSecurityContextNoIdentityFlow(); } finally { CodeAccessPermission.RevertPermitOnly(); } } isInitialized = true; } return aspNetSecurityContext != null; } } [Fx.Tag.SecurityNote(Critical = "Asserts AspNetHostingPermission.")] [SecurityCritical] [AspNetHostingPermission(SecurityAction.Assert, Level=AspNetHostingPermissionLevel.Unrestricted)] static NamedPermissionSet GetHttpRuntimeNamedPermissionSet() { return HttpRuntime.GetNamedPermissionSet(); } [Fx.Tag.SecurityNote(Critical = "Touches aspNetSecurityContext.", Safe = "Ok to invoke the user's delegate under the PT context.")] [SecuritySafeCritical] internal static void PartialTrustInvoke(ContextCallback callback, object state) { if (NeedPartialTrustInvoke) { SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state); } else { callback(state); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ScrollBar.cs
- Point.cs
- SystemBrushes.cs
- ReadOnlyDictionary.cs
- WindowsListViewGroup.cs
- DbMetaDataCollectionNames.cs
- PersistenceProvider.cs
- OdbcDataAdapter.cs
- NameValueCollection.cs
- XmlSerializerAssemblyAttribute.cs
- SHA1Managed.cs
- HScrollBar.cs
- IdentityReference.cs
- DirectoryLocalQuery.cs
- TreeBuilderBamlTranslator.cs
- ToolboxDataAttribute.cs
- cookieexception.cs
- CultureTableRecord.cs
- FrugalList.cs
- SmiRequestExecutor.cs
- AdministrationHelpers.cs
- EntityContainerEmitter.cs
- ColumnWidthChangingEvent.cs
- ResXDataNode.cs
- ReadOnlyHierarchicalDataSource.cs
- AsymmetricKeyExchangeFormatter.cs
- ServiceOperation.cs
- MD5.cs
- MultiAsyncResult.cs
- Deserializer.cs
- RequiredFieldValidator.cs
- MatrixTransform3D.cs
- SapiGrammar.cs
- PersistenceMetadataNamespace.cs
- DataGridHelper.cs
- RoamingStoreFileUtility.cs
- WebPartConnectionCollection.cs
- LiteralControl.cs
- DropDownList.cs
- WaitHandleCannotBeOpenedException.cs
- QuaternionAnimation.cs
- RuntimeVariableList.cs
- LinqDataSourceHelper.cs
- SelectionHighlightInfo.cs
- X509Utils.cs
- InternalControlCollection.cs
- EdmFunctions.cs
- XslException.cs
- UnsafeNativeMethods.cs
- FontSourceCollection.cs
- QuestionEventArgs.cs
- XmlAttributeProperties.cs
- SchemaMerger.cs
- ControlType.cs
- Helper.cs
- XmlValidatingReader.cs
- IndentTextWriter.cs
- DoubleCollectionValueSerializer.cs
- UInt64Converter.cs
- HtmlTableCellCollection.cs
- XmlIterators.cs
- DmlSqlGenerator.cs
- LineGeometry.cs
- AssemblyBuilderData.cs
- CngKeyBlobFormat.cs
- FixedStringLookup.cs
- CompositeCollection.cs
- DataGridTable.cs
- SamlAssertionKeyIdentifierClause.cs
- ContentControl.cs
- XmlExceptionHelper.cs
- RelatedView.cs
- AssemblyNameProxy.cs
- XmlChoiceIdentifierAttribute.cs
- ObjectDataSourceSelectingEventArgs.cs
- WebPartDescription.cs
- LayoutUtils.cs
- Listbox.cs
- TaskHelper.cs
- ToolStripManager.cs
- CodeGroup.cs
- AssertUtility.cs
- XmlDataSource.cs
- ProvidersHelper.cs
- OperatorExpressions.cs
- FrameworkElement.cs
- FormViewPagerRow.cs
- ImageConverter.cs
- FrameworkPropertyMetadata.cs
- AnnotationElement.cs
- XmlMembersMapping.cs
- ExtendedProperty.cs
- BulletChrome.cs
- AvTrace.cs
- GridViewCommandEventArgs.cs
- FormsAuthenticationUserCollection.cs
- SqlDataSourceCommandParser.cs
- FixedTextSelectionProcessor.cs
- DNS.cs
- MissingManifestResourceException.cs