Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / cdf / src / WCF / System.ServiceModel.Activation / System / ServiceModel / Activation / AspNetPartialTrustHelpers.cs / 1305376 / AspNetPartialTrustHelpers.cs
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------
namespace System.ServiceModel
{
using System.Runtime;
using System.Security;
using System.Security.Permissions;
using System.Threading;
using System.Web;
static class AspNetPartialTrustHelpers
{
[Fx.Tag.SecurityNote(Critical = "Caches the PermissionSet associated with the asp.net trust level."
+ "This will not change over the life of the AppDomain.")]
[SecurityCritical]
static SecurityContext aspNetSecurityContext;
[Fx.Tag.SecurityNote(Critical = "If erroneously set to true, could bypass the PermitOnly.")]
[SecurityCritical]
static bool isInitialized;
[Fx.Tag.SecurityNote(Miscellaneous = "RequiresReview - determines if the given PermissionSet is full trust."
+ "We will base subsequent security decisions on this.")]
static bool IsFullTrust(PermissionSet perms)
{
return perms == null || perms.IsUnrestricted();
}
internal static bool NeedPartialTrustInvoke
{
[Fx.Tag.SecurityNote(Critical = "Makes a security sensitive decision, updates aspNetSecurityContext and isInitialized.",
Safe = "Ok to know whether the ASP app is partial trust.")]
[SecuritySafeCritical]
get
{
if (!isInitialized)
{
NamedPermissionSet aspNetPermissionSet = GetHttpRuntimeNamedPermissionSet();
if (!IsFullTrust(aspNetPermissionSet))
{
try
{
aspNetPermissionSet.PermitOnly();
aspNetSecurityContext = System.Runtime.PartialTrustHelpers.CaptureSecurityContextNoIdentityFlow();
}
finally
{
CodeAccessPermission.RevertPermitOnly();
}
}
isInitialized = true;
}
return aspNetSecurityContext != null;
}
}
[Fx.Tag.SecurityNote(Critical = "Asserts AspNetHostingPermission.")]
[SecurityCritical]
[AspNetHostingPermission(SecurityAction.Assert, Level=AspNetHostingPermissionLevel.Unrestricted)]
static NamedPermissionSet GetHttpRuntimeNamedPermissionSet()
{
return HttpRuntime.GetNamedPermissionSet();
}
[Fx.Tag.SecurityNote(Critical = "Touches aspNetSecurityContext.",
Safe = "Ok to invoke the user's delegate under the PT context.")]
[SecuritySafeCritical]
internal static void PartialTrustInvoke(ContextCallback callback, object state)
{
if (NeedPartialTrustInvoke)
{
SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state);
}
else
{
callback(state);
}
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------
namespace System.ServiceModel
{
using System.Runtime;
using System.Security;
using System.Security.Permissions;
using System.Threading;
using System.Web;
static class AspNetPartialTrustHelpers
{
[Fx.Tag.SecurityNote(Critical = "Caches the PermissionSet associated with the asp.net trust level."
+ "This will not change over the life of the AppDomain.")]
[SecurityCritical]
static SecurityContext aspNetSecurityContext;
[Fx.Tag.SecurityNote(Critical = "If erroneously set to true, could bypass the PermitOnly.")]
[SecurityCritical]
static bool isInitialized;
[Fx.Tag.SecurityNote(Miscellaneous = "RequiresReview - determines if the given PermissionSet is full trust."
+ "We will base subsequent security decisions on this.")]
static bool IsFullTrust(PermissionSet perms)
{
return perms == null || perms.IsUnrestricted();
}
internal static bool NeedPartialTrustInvoke
{
[Fx.Tag.SecurityNote(Critical = "Makes a security sensitive decision, updates aspNetSecurityContext and isInitialized.",
Safe = "Ok to know whether the ASP app is partial trust.")]
[SecuritySafeCritical]
get
{
if (!isInitialized)
{
NamedPermissionSet aspNetPermissionSet = GetHttpRuntimeNamedPermissionSet();
if (!IsFullTrust(aspNetPermissionSet))
{
try
{
aspNetPermissionSet.PermitOnly();
aspNetSecurityContext = System.Runtime.PartialTrustHelpers.CaptureSecurityContextNoIdentityFlow();
}
finally
{
CodeAccessPermission.RevertPermitOnly();
}
}
isInitialized = true;
}
return aspNetSecurityContext != null;
}
}
[Fx.Tag.SecurityNote(Critical = "Asserts AspNetHostingPermission.")]
[SecurityCritical]
[AspNetHostingPermission(SecurityAction.Assert, Level=AspNetHostingPermissionLevel.Unrestricted)]
static NamedPermissionSet GetHttpRuntimeNamedPermissionSet()
{
return HttpRuntime.GetNamedPermissionSet();
}
[Fx.Tag.SecurityNote(Critical = "Touches aspNetSecurityContext.",
Safe = "Ok to invoke the user's delegate under the PT context.")]
[SecuritySafeCritical]
internal static void PartialTrustInvoke(ContextCallback callback, object state)
{
if (NeedPartialTrustInvoke)
{
SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state);
}
else
{
callback(state);
}
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- StringUtil.cs
- TransactionBehavior.cs
- WaitHandleCannotBeOpenedException.cs
- CompositeScriptReference.cs
- ColorConverter.cs
- DataGridViewRowConverter.cs
- SafeNativeMethods.cs
- EUCJPEncoding.cs
- CommentEmitter.cs
- SessionStateContainer.cs
- HtmlShimManager.cs
- SqlNamer.cs
- DataGridViewHeaderCell.cs
- AncestorChangedEventArgs.cs
- ZoomPercentageConverter.cs
- ZipIOCentralDirectoryFileHeader.cs
- ValidationErrorCollection.cs
- XmlSchemaAll.cs
- MinimizableAttributeTypeConverter.cs
- ScriptManager.cs
- InstanceBehavior.cs
- Symbol.cs
- DropShadowBitmapEffect.cs
- ServerValidateEventArgs.cs
- ClientSession.cs
- NumericUpDownAcceleration.cs
- ProfileGroupSettingsCollection.cs
- LogPolicy.cs
- objectquery_tresulttype.cs
- SqlRowUpdatingEvent.cs
- HostedHttpTransportManager.cs
- SQLDateTime.cs
- TextRangeSerialization.cs
- KeyValueInternalCollection.cs
- LinkDescriptor.cs
- MimeWriter.cs
- TraceUtils.cs
- SqlCacheDependency.cs
- _PooledStream.cs
- QilInvoke.cs
- InstanceData.cs
- SoapAttributeOverrides.cs
- NeutralResourcesLanguageAttribute.cs
- XmlImplementation.cs
- IFormattable.cs
- unitconverter.cs
- DesignerTransactionCloseEvent.cs
- CaseInsensitiveComparer.cs
- DataTableMapping.cs
- DataSourceXmlSubItemAttribute.cs
- CommandLibraryHelper.cs
- EntityModelBuildProvider.cs
- DllNotFoundException.cs
- XmlSchemaComplexContentExtension.cs
- SmuggledIUnknown.cs
- mactripleDES.cs
- XamlFilter.cs
- UnknownBitmapDecoder.cs
- PropertyKey.cs
- RelationshipFixer.cs
- DeviceSpecific.cs
- CodeExpressionCollection.cs
- ListViewGroup.cs
- UnhandledExceptionEventArgs.cs
- ChtmlTextBoxAdapter.cs
- DelegatingTypeDescriptionProvider.cs
- _Semaphore.cs
- ScalarConstant.cs
- TemplatePagerField.cs
- HwndKeyboardInputProvider.cs
- SEHException.cs
- WarningException.cs
- MessageProperties.cs
- SchemaInfo.cs
- SqlBulkCopyColumnMappingCollection.cs
- ServicePointManagerElement.cs
- X509SecurityTokenProvider.cs
- DataContractSerializer.cs
- ProjectionPathSegment.cs
- OrthographicCamera.cs
- ViewSimplifier.cs
- HandleCollector.cs
- PropertyDescriptorComparer.cs
- ServiceNotStartedException.cs
- BaseTemplateParser.cs
- CodePageEncoding.cs
- Completion.cs
- InlineObject.cs
- KeyInfo.cs
- ResolveNameEventArgs.cs
- AuthenticationException.cs
- EventSinkActivityDesigner.cs
- RoutedEventHandlerInfo.cs
- FontFamily.cs
- SecurityCredentialsManager.cs
- ToolStripGrip.cs
- SystemIPGlobalStatistics.cs
- ListBoxItem.cs
- MultidimensionalArrayItemReference.cs
- TimelineGroup.cs