Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / cdf / src / WCF / System.ServiceModel.Activation / System / ServiceModel / Activation / HostedImpersonationContext.cs / 1305376 / HostedImpersonationContext.cs
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------
namespace System.ServiceModel.Activation
{
using System.ComponentModel;
using System.Runtime;
using System.Runtime.InteropServices;
using System.Security;
using System.Security.Principal;
using System.ServiceModel.Activation.Interop;
using System.Threading;
[Fx.Tag.SecurityNote(Miscellaneous = "RequiresReview - All member methods are security critical. The class might be used outside of the restricted SecurityContext." +
"Ensure they do not accidentally satisfy any demands.")]
class HostedImpersonationContext
{
[Fx.Tag.SecurityNote(Critical = "Stores the impersonation token handle. Since we're allowing 'safe' Impersonation of the token we got from asp.net we need to protect this value.")]
[SecurityCritical]
SafeCloseHandleCritical tokenHandle;
[Fx.Tag.SecurityNote(Critical = "Controls lifetime of token handle, caller must use care.")]
[SecurityCritical]
int refCount = 0;
[Fx.Tag.SecurityNote(Critical = "Security critical field, caller must use care.")]
[SecurityCritical]
bool isImpersonated;
[Fx.Tag.SecurityNote(Critical = "Calls two safe native methods under OpenCurrentThreadTokenCritical: GetCurrentThread and OpenThreadToken." +
"Marshal.GetLastWin32Error captures current thread token in a SecurityCritical field.")]
[SecurityCritical]
public HostedImpersonationContext()
{
if (ServiceHostingEnvironment.AspNetCompatibilityEnabled)
{
int error;
bool isSuccess = SafeNativeMethods.OpenCurrentThreadTokenCritical(TokenAccessLevels.Query | TokenAccessLevels.Impersonate,
true, out tokenHandle, out error);
if (isSuccess)
{
isImpersonated = true;
Interlocked.Increment(ref refCount);
}
else
{
CloseInvalidOutSafeHandleCritical(tokenHandle);
tokenHandle = null;
if (error != SafeNativeMethods.ERROR_NO_TOKEN)
{
throw FxTrace.Exception.AsError(new Win32Exception(error, SR.Hosting_ImpersonationFailed));
}
}
}
}
[Fx.Tag.SecurityNote(Critical = "Calls SetHandleAsInvalid which has a LinkDemand for UnmanagedCode.")]
[SecurityCritical]
static void CloseInvalidOutSafeHandleCritical(SafeHandle handle)
{
// Workaround for 64-bit CLR bug VSWhidbey 546830 - sometimes invalid SafeHandles come back null.
if (handle != null)
{
Fx.Assert(handle.IsInvalid, "CloseInvalidOutSafeHandle called with a valid handle!");
// Calls SuppressFinalize.
handle.SetHandleAsInvalid();
}
}
public bool IsImpersonated
{
[Fx.Tag.SecurityNote(Critical = "Accesses SecurityCritical isImpersonated field.", Safe = "Does not leak control or mutable/harmful data, no potential for harm.")]
[SecuritySafeCritical]
get
{
return isImpersonated;
}
}
[Fx.Tag.SecurityNote(Critical = "Accesses SecurityCritical tokenHandle field and uses LinkDemanded DangerousGetHandle method as well as UnsafeCreate." +
"Caller should use with care, must take responsibility for reverting impersonation.")]
[SecurityCritical]
public IDisposable Impersonate()
{
if (!isImpersonated)
return null;
Fx.Assert(tokenHandle != null, "The token handle was incorrectly released earlier.");
HostedInnerImpersonationContext context = null;
lock(tokenHandle)
{
context = HostedInnerImpersonationContext.UnsafeCreate(tokenHandle.DangerousGetHandle());
GC.KeepAlive(tokenHandle);
}
return context;
}
[Fx.Tag.SecurityNote(Critical = "Controls lifetime of token handle, caller must use care.")]
[SecurityCritical]
public void AddRef()
{
if (IsImpersonated)
{
Interlocked.Increment(ref refCount);
}
}
[Fx.Tag.SecurityNote(Critical = "Controls lifetime of token handle, caller must use care.")]
[SecurityCritical]
public void Release()
{
if (IsImpersonated)
{
Fx.Assert(tokenHandle != null, "The token handle is incorrectly released earlier.");
int currentCount = Interlocked.Decrement(ref refCount);
if (currentCount == 0)
{
lock(tokenHandle)
{
tokenHandle.Close();
tokenHandle = null;
}
}
}
}
[Fx.Tag.SecurityNote(Critical = "Keeps track of impersonated user, caller must use with care and call Dispose at the appropriate time.")]
#pragma warning disable 618 // have not moved to the v4 security model yet
[SecurityCritical(SecurityCriticalScope.Everything)]
#pragma warning restore 618
class HostedInnerImpersonationContext : IDisposable
{
IDisposable impersonatedContext;
HostedInnerImpersonationContext(IDisposable impersonatedContext)
{
if (impersonatedContext == null)
{
throw FxTrace.Exception.AsError(new InvalidOperationException(SR.Hosting_ImpersonationFailed));
}
this.impersonatedContext = impersonatedContext;
}
public static HostedInnerImpersonationContext UnsafeCreate(IntPtr token)
{
return new HostedInnerImpersonationContext(HostingEnvironmentWrapper.UnsafeImpersonate(token));
}
public void Dispose()
{
if (impersonatedContext != null)
{
impersonatedContext.Dispose();
impersonatedContext = null;
}
}
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- LoaderAllocator.cs
- XmlCDATASection.cs
- QilNode.cs
- Mapping.cs
- FullTextState.cs
- DrawToolTipEventArgs.cs
- PeerSecurityHelpers.cs
- BasicSecurityProfileVersion.cs
- WebPartTransformer.cs
- NavigationFailedEventArgs.cs
- Stack.cs
- PropertyCollection.cs
- FontStyleConverter.cs
- TagPrefixInfo.cs
- WindowsListViewItemCheckBox.cs
- SoundPlayerAction.cs
- Bits.cs
- TextTreeTextNode.cs
- FileDetails.cs
- UnsignedPublishLicense.cs
- CodeExpressionCollection.cs
- RealizedColumnsBlock.cs
- DomainLiteralReader.cs
- RangeBaseAutomationPeer.cs
- QilGeneratorEnv.cs
- DataGridViewRowPrePaintEventArgs.cs
- RelationshipManager.cs
- DbConnectionPoolOptions.cs
- AccessDataSourceWizardForm.cs
- DockPattern.cs
- DataGridTableCollection.cs
- Source.cs
- OletxResourceManager.cs
- CqlQuery.cs
- CollectionEditVerbManager.cs
- ProxyAttribute.cs
- LinkButton.cs
- CookielessHelper.cs
- EditingCoordinator.cs
- EntityDataSourceWrapper.cs
- HashRepartitionEnumerator.cs
- AffineTransform3D.cs
- processwaithandle.cs
- NullableLongAverageAggregationOperator.cs
- PerfCounterSection.cs
- SerializerProvider.cs
- RectangleF.cs
- ColorConvertedBitmap.cs
- DataServices.cs
- HelloMessageCD1.cs
- TimersDescriptionAttribute.cs
- ViewStateAttachedPropertyFeature.cs
- XmlUtilWriter.cs
- CodeGenerator.cs
- Activity.cs
- ChildTable.cs
- UseManagedPresentationElement.cs
- BindingCompleteEventArgs.cs
- DesignerActionService.cs
- DockPattern.cs
- RecipientServiceModelSecurityTokenRequirement.cs
- ContextMenuStrip.cs
- HMAC.cs
- CodeTypeReference.cs
- SqlCommandBuilder.cs
- AvTraceDetails.cs
- FileSystemWatcher.cs
- ThousandthOfEmRealDoubles.cs
- InitiatorSessionSymmetricTransportSecurityProtocol.cs
- VerificationAttribute.cs
- TitleStyle.cs
- CompilerTypeWithParams.cs
- HttpHostedTransportConfiguration.cs
- SharedUtils.cs
- MouseButtonEventArgs.cs
- OleDbWrapper.cs
- DeclaredTypeElementCollection.cs
- ResourceAttributes.cs
- WindowsGraphics2.cs
- PtsCache.cs
- CheckedPointers.cs
- Image.cs
- BamlMapTable.cs
- SecurityRuntime.cs
- DependencyObjectPropertyDescriptor.cs
- WindowsFormsLinkLabel.cs
- TraversalRequest.cs
- NetworkInformationException.cs
- InvalidProgramException.cs
- TextEditorTables.cs
- ColorConvertedBitmapExtension.cs
- ObjectToken.cs
- PerformanceCounterManager.cs
- ByteConverter.cs
- ItemsControlAutomationPeer.cs
- RbTree.cs
- WebServicesInteroperability.cs
- SQLInt64Storage.cs
- DataGrid.cs
- MetadataArtifactLoaderComposite.cs