Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / cdf / src / WCF / System.ServiceModel.Activation / System / ServiceModel / Activation / AspNetPartialTrustHelpers.cs / 1305376 / AspNetPartialTrustHelpers.cs
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------
namespace System.ServiceModel
{
using System.Runtime;
using System.Security;
using System.Security.Permissions;
using System.Threading;
using System.Web;
static class AspNetPartialTrustHelpers
{
[Fx.Tag.SecurityNote(Critical = "Caches the PermissionSet associated with the asp.net trust level."
+ "This will not change over the life of the AppDomain.")]
[SecurityCritical]
static SecurityContext aspNetSecurityContext;
[Fx.Tag.SecurityNote(Critical = "If erroneously set to true, could bypass the PermitOnly.")]
[SecurityCritical]
static bool isInitialized;
[Fx.Tag.SecurityNote(Miscellaneous = "RequiresReview - determines if the given PermissionSet is full trust."
+ "We will base subsequent security decisions on this.")]
static bool IsFullTrust(PermissionSet perms)
{
return perms == null || perms.IsUnrestricted();
}
internal static bool NeedPartialTrustInvoke
{
[Fx.Tag.SecurityNote(Critical = "Makes a security sensitive decision, updates aspNetSecurityContext and isInitialized.",
Safe = "Ok to know whether the ASP app is partial trust.")]
[SecuritySafeCritical]
get
{
if (!isInitialized)
{
NamedPermissionSet aspNetPermissionSet = GetHttpRuntimeNamedPermissionSet();
if (!IsFullTrust(aspNetPermissionSet))
{
try
{
aspNetPermissionSet.PermitOnly();
aspNetSecurityContext = System.Runtime.PartialTrustHelpers.CaptureSecurityContextNoIdentityFlow();
}
finally
{
CodeAccessPermission.RevertPermitOnly();
}
}
isInitialized = true;
}
return aspNetSecurityContext != null;
}
}
[Fx.Tag.SecurityNote(Critical = "Asserts AspNetHostingPermission.")]
[SecurityCritical]
[AspNetHostingPermission(SecurityAction.Assert, Level=AspNetHostingPermissionLevel.Unrestricted)]
static NamedPermissionSet GetHttpRuntimeNamedPermissionSet()
{
return HttpRuntime.GetNamedPermissionSet();
}
[Fx.Tag.SecurityNote(Critical = "Touches aspNetSecurityContext.",
Safe = "Ok to invoke the user's delegate under the PT context.")]
[SecuritySafeCritical]
internal static void PartialTrustInvoke(ContextCallback callback, object state)
{
if (NeedPartialTrustInvoke)
{
SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state);
}
else
{
callback(state);
}
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------
namespace System.ServiceModel
{
using System.Runtime;
using System.Security;
using System.Security.Permissions;
using System.Threading;
using System.Web;
static class AspNetPartialTrustHelpers
{
[Fx.Tag.SecurityNote(Critical = "Caches the PermissionSet associated with the asp.net trust level."
+ "This will not change over the life of the AppDomain.")]
[SecurityCritical]
static SecurityContext aspNetSecurityContext;
[Fx.Tag.SecurityNote(Critical = "If erroneously set to true, could bypass the PermitOnly.")]
[SecurityCritical]
static bool isInitialized;
[Fx.Tag.SecurityNote(Miscellaneous = "RequiresReview - determines if the given PermissionSet is full trust."
+ "We will base subsequent security decisions on this.")]
static bool IsFullTrust(PermissionSet perms)
{
return perms == null || perms.IsUnrestricted();
}
internal static bool NeedPartialTrustInvoke
{
[Fx.Tag.SecurityNote(Critical = "Makes a security sensitive decision, updates aspNetSecurityContext and isInitialized.",
Safe = "Ok to know whether the ASP app is partial trust.")]
[SecuritySafeCritical]
get
{
if (!isInitialized)
{
NamedPermissionSet aspNetPermissionSet = GetHttpRuntimeNamedPermissionSet();
if (!IsFullTrust(aspNetPermissionSet))
{
try
{
aspNetPermissionSet.PermitOnly();
aspNetSecurityContext = System.Runtime.PartialTrustHelpers.CaptureSecurityContextNoIdentityFlow();
}
finally
{
CodeAccessPermission.RevertPermitOnly();
}
}
isInitialized = true;
}
return aspNetSecurityContext != null;
}
}
[Fx.Tag.SecurityNote(Critical = "Asserts AspNetHostingPermission.")]
[SecurityCritical]
[AspNetHostingPermission(SecurityAction.Assert, Level=AspNetHostingPermissionLevel.Unrestricted)]
static NamedPermissionSet GetHttpRuntimeNamedPermissionSet()
{
return HttpRuntime.GetNamedPermissionSet();
}
[Fx.Tag.SecurityNote(Critical = "Touches aspNetSecurityContext.",
Safe = "Ok to invoke the user's delegate under the PT context.")]
[SecuritySafeCritical]
internal static void PartialTrustInvoke(ContextCallback callback, object state)
{
if (NeedPartialTrustInvoke)
{
SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state);
}
else
{
callback(state);
}
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- DataContract.cs
- PrinterUnitConvert.cs
- RequestQueryParser.cs
- ConvertersCollection.cs
- WaitingCursor.cs
- Mouse.cs
- ObjectDataSourceStatusEventArgs.cs
- NumberSubstitution.cs
- SafeMemoryMappedFileHandle.cs
- BinaryUtilClasses.cs
- XmlSchemaType.cs
- TypeInitializationException.cs
- PKCS1MaskGenerationMethod.cs
- SponsorHelper.cs
- QuestionEventArgs.cs
- TextEffectCollection.cs
- CustomErrorsSection.cs
- ApplicationActivator.cs
- UrlMappingsModule.cs
- ScrollViewerAutomationPeer.cs
- DbProviderConfigurationHandler.cs
- XmlSignatureProperties.cs
- Rotation3D.cs
- Literal.cs
- DbModificationClause.cs
- CommonXSendMessage.cs
- GroupBoxAutomationPeer.cs
- HelpKeywordAttribute.cs
- HtmlLink.cs
- WebServiceResponse.cs
- TextureBrush.cs
- MobileFormsAuthentication.cs
- UIPropertyMetadata.cs
- DbConvert.cs
- CookieProtection.cs
- WebServiceTypeData.cs
- XmlNodeList.cs
- ItemsPanelTemplate.cs
- UnorderedHashRepartitionStream.cs
- ListItemsCollectionEditor.cs
- _SingleItemRequestCache.cs
- ResourcePermissionBaseEntry.cs
- Sorting.cs
- StringBlob.cs
- ContextMenu.cs
- TextViewDesigner.cs
- ToolStripProgressBar.cs
- Publisher.cs
- ReliableSessionBindingElement.cs
- CapabilitiesState.cs
- SqlClientWrapperSmiStream.cs
- SplitterPanel.cs
- Helper.cs
- UserControlParser.cs
- ParagraphVisual.cs
- DiagnosticsConfigurationHandler.cs
- ConstraintEnumerator.cs
- CommentAction.cs
- QueryStringParameter.cs
- PathSegment.cs
- XmlWriter.cs
- TemplateBamlTreeBuilder.cs
- FileDialog_Vista_Interop.cs
- TraceRecord.cs
- Site.cs
- PageHandlerFactory.cs
- PlainXmlWriter.cs
- Select.cs
- WebPartTransformer.cs
- SessionIDManager.cs
- BrowserCapabilitiesCodeGenerator.cs
- __ComObject.cs
- Panel.cs
- AggregateNode.cs
- DataGridViewCellEventArgs.cs
- DataGrid.cs
- CompilationUtil.cs
- QilInvokeLateBound.cs
- WindowsListBox.cs
- NamedObject.cs
- oledbmetadatacolumnnames.cs
- ActiveXSite.cs
- TargetInvocationException.cs
- LazyTextWriterCreator.cs
- WeakHashtable.cs
- KeysConverter.cs
- validation.cs
- CultureInfoConverter.cs
- DataServiceQueryContinuation.cs
- Helpers.cs
- LinkUtilities.cs
- UrlParameterWriter.cs
- ProgressBar.cs
- VisualStyleRenderer.cs
- BaseCodeDomTreeGenerator.cs
- RenderingBiasValidation.cs
- TextDecorationLocationValidation.cs
- SerializableTypeCodeDomSerializer.cs
- ResourceReader.cs
- UdpSocket.cs