Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / cdf / src / WCF / System.ServiceModel.Activation / System / ServiceModel / Activation / AspNetPartialTrustHelpers.cs / 1305376 / AspNetPartialTrustHelpers.cs
//------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.ServiceModel { using System.Runtime; using System.Security; using System.Security.Permissions; using System.Threading; using System.Web; static class AspNetPartialTrustHelpers { [Fx.Tag.SecurityNote(Critical = "Caches the PermissionSet associated with the asp.net trust level." + "This will not change over the life of the AppDomain.")] [SecurityCritical] static SecurityContext aspNetSecurityContext; [Fx.Tag.SecurityNote(Critical = "If erroneously set to true, could bypass the PermitOnly.")] [SecurityCritical] static bool isInitialized; [Fx.Tag.SecurityNote(Miscellaneous = "RequiresReview - determines if the given PermissionSet is full trust." + "We will base subsequent security decisions on this.")] static bool IsFullTrust(PermissionSet perms) { return perms == null || perms.IsUnrestricted(); } internal static bool NeedPartialTrustInvoke { [Fx.Tag.SecurityNote(Critical = "Makes a security sensitive decision, updates aspNetSecurityContext and isInitialized.", Safe = "Ok to know whether the ASP app is partial trust.")] [SecuritySafeCritical] get { if (!isInitialized) { NamedPermissionSet aspNetPermissionSet = GetHttpRuntimeNamedPermissionSet(); if (!IsFullTrust(aspNetPermissionSet)) { try { aspNetPermissionSet.PermitOnly(); aspNetSecurityContext = System.Runtime.PartialTrustHelpers.CaptureSecurityContextNoIdentityFlow(); } finally { CodeAccessPermission.RevertPermitOnly(); } } isInitialized = true; } return aspNetSecurityContext != null; } } [Fx.Tag.SecurityNote(Critical = "Asserts AspNetHostingPermission.")] [SecurityCritical] [AspNetHostingPermission(SecurityAction.Assert, Level=AspNetHostingPermissionLevel.Unrestricted)] static NamedPermissionSet GetHttpRuntimeNamedPermissionSet() { return HttpRuntime.GetNamedPermissionSet(); } [Fx.Tag.SecurityNote(Critical = "Touches aspNetSecurityContext.", Safe = "Ok to invoke the user's delegate under the PT context.")] [SecuritySafeCritical] internal static void PartialTrustInvoke(ContextCallback callback, object state) { if (NeedPartialTrustInvoke) { SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state); } else { callback(state); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. //------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.ServiceModel { using System.Runtime; using System.Security; using System.Security.Permissions; using System.Threading; using System.Web; static class AspNetPartialTrustHelpers { [Fx.Tag.SecurityNote(Critical = "Caches the PermissionSet associated with the asp.net trust level." + "This will not change over the life of the AppDomain.")] [SecurityCritical] static SecurityContext aspNetSecurityContext; [Fx.Tag.SecurityNote(Critical = "If erroneously set to true, could bypass the PermitOnly.")] [SecurityCritical] static bool isInitialized; [Fx.Tag.SecurityNote(Miscellaneous = "RequiresReview - determines if the given PermissionSet is full trust." + "We will base subsequent security decisions on this.")] static bool IsFullTrust(PermissionSet perms) { return perms == null || perms.IsUnrestricted(); } internal static bool NeedPartialTrustInvoke { [Fx.Tag.SecurityNote(Critical = "Makes a security sensitive decision, updates aspNetSecurityContext and isInitialized.", Safe = "Ok to know whether the ASP app is partial trust.")] [SecuritySafeCritical] get { if (!isInitialized) { NamedPermissionSet aspNetPermissionSet = GetHttpRuntimeNamedPermissionSet(); if (!IsFullTrust(aspNetPermissionSet)) { try { aspNetPermissionSet.PermitOnly(); aspNetSecurityContext = System.Runtime.PartialTrustHelpers.CaptureSecurityContextNoIdentityFlow(); } finally { CodeAccessPermission.RevertPermitOnly(); } } isInitialized = true; } return aspNetSecurityContext != null; } } [Fx.Tag.SecurityNote(Critical = "Asserts AspNetHostingPermission.")] [SecurityCritical] [AspNetHostingPermission(SecurityAction.Assert, Level=AspNetHostingPermissionLevel.Unrestricted)] static NamedPermissionSet GetHttpRuntimeNamedPermissionSet() { return HttpRuntime.GetNamedPermissionSet(); } [Fx.Tag.SecurityNote(Critical = "Touches aspNetSecurityContext.", Safe = "Ok to invoke the user's delegate under the PT context.")] [SecuritySafeCritical] internal static void PartialTrustInvoke(ContextCallback callback, object state) { if (NeedPartialTrustInvoke) { SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state); } else { callback(state); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- BezierSegment.cs
- EnumType.cs
- ConfigurationStrings.cs
- DocumentPaginator.cs
- ThemeDictionaryExtension.cs
- TreeNodeCollection.cs
- ToolStripDropDownMenu.cs
- XmlLoader.cs
- XmlSchemaGroupRef.cs
- AdjustableArrowCap.cs
- WindowsFormsSectionHandler.cs
- EntityRecordInfo.cs
- CollectionChangedEventManager.cs
- DataSetViewSchema.cs
- ByteRangeDownloader.cs
- SqlBulkCopy.cs
- ExpressionDumper.cs
- PlatformNotSupportedException.cs
- Enumerable.cs
- CacheForPrimitiveTypes.cs
- Storyboard.cs
- LicFileLicenseProvider.cs
- AccessibleObject.cs
- FrameSecurityDescriptor.cs
- TemplateControlParser.cs
- ImageFormat.cs
- PathTooLongException.cs
- IChannel.cs
- CompilerGeneratedAttribute.cs
- Path.cs
- newitemfactory.cs
- XmlWriterDelegator.cs
- UnhandledExceptionEventArgs.cs
- RelationshipManager.cs
- metrodevice.cs
- DataServiceStreamProviderWrapper.cs
- XmlChildNodes.cs
- SafeNativeMethods.cs
- DrawingCollection.cs
- CodeExpressionRuleDeclaration.cs
- GridViewColumn.cs
- VisualStyleElement.cs
- UnitySerializationHolder.cs
- ObjectStateEntryBaseUpdatableDataRecord.cs
- ClaimTypeElementCollection.cs
- LabelLiteral.cs
- CompilerWrapper.cs
- FontClient.cs
- MILUtilities.cs
- StateDesignerConnector.cs
- RegistrySecurity.cs
- FormViewModeEventArgs.cs
- AdornerLayer.cs
- CuspData.cs
- QuerySettings.cs
- PrimaryKeyTypeConverter.cs
- BaseAsyncResult.cs
- LassoSelectionBehavior.cs
- DataSourceDesigner.cs
- LinkedDataMemberFieldEditor.cs
- XmlBinaryReader.cs
- CopyCodeAction.cs
- StylusCaptureWithinProperty.cs
- ListSourceHelper.cs
- Serializer.cs
- storepermissionattribute.cs
- XmlSecureResolver.cs
- DynamicDocumentPaginator.cs
- GroupItemAutomationPeer.cs
- ProviderCommandInfoUtils.cs
- PagedDataSource.cs
- CodeNamespace.cs
- Component.cs
- MaxValueConverter.cs
- DrawingImage.cs
- ConfigXmlSignificantWhitespace.cs
- AVElementHelper.cs
- FlowDocumentScrollViewerAutomationPeer.cs
- SplayTreeNode.cs
- DataGridViewImageCell.cs
- SqlUtils.cs
- SafeEventLogReadHandle.cs
- ContainerActivationHelper.cs
- ResourceDisplayNameAttribute.cs
- LinkButton.cs
- CustomAttributeSerializer.cs
- EntityModelBuildProvider.cs
- TaskFormBase.cs
- TypeUtil.cs
- Point4D.cs
- ResolveNameEventArgs.cs
- AttributeTable.cs
- X509ClientCertificateAuthenticationElement.cs
- HostSecurityManager.cs
- indexingfiltermarshaler.cs
- TextContainerHelper.cs
- Object.cs
- PartitionerStatic.cs
- ReadOnlyDataSource.cs
- DiscoveryReferences.cs