Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / wpf / src / Base / System / Security / RightsManagement / User.cs / 1305600 / User.cs
//------------------------------------------------------------------------------ // //// Copyright (C) Microsoft Corporation. All rights reserved. // // // Description: // This class implements the UnsignedPublishLicense class // this class is the first step in the RightsManagement publishing process // // History: // 06/01/2005: IgorBel : Initial Implementation // //----------------------------------------------------------------------------- using System; using System.Collections; using System.Collections.Generic; // for IEqualityComparergeneric interface. using System.Diagnostics; using System.Globalization; using System.Text; using System.Windows; using MS.Internal; // for Invariant using MS.Internal.Security.RightsManagement; using SecurityHelper = MS.Internal.WindowsBase.SecurityHelper; namespace System.Security.RightsManagement { /// /// This class represents a User for purposes of granting rights to that user, initializing secure environment for the user, /// or enumerating rights granted to various users. /// ////// Critical: This class expose access to methods that eventually do one or more of the the following /// 1. call into unmanaged code /// 2. affects state/data that will eventually cross over unmanaged code boundary /// 3. Return some RM related information which is considered private /// /// TreatAsSafe: This attrbiute automatically applied to all public entry points. All the public entry points have /// Demands for RightsManagementPermission at entry to counter the possible attacks that do /// not lead to the unamanged code directly(which is protected by another Demand there) but rather leave /// some status/data behind which eventually might cross the unamanaged boundary. /// [SecurityCritical(SecurityCriticalScope.Everything)] public class ContentUser { ////// This constructor creates a user that will be granted a right. Or used in other related scenarios like /// initializing secure environment for the user, or enumerating rights granted to various users. /// public ContentUser(string name, AuthenticationType authenticationType) { SecurityHelper.DemandRightsManagementPermission(); if (name == null) { throw new ArgumentNullException("name"); } if (name.Trim().Length == 0) { throw new ArgumentOutOfRangeException("name"); } if ((authenticationType != AuthenticationType.Windows) && (authenticationType != AuthenticationType.Passport) && (authenticationType != AuthenticationType.WindowsPassport) && (authenticationType != AuthenticationType.Internal)) { throw new ArgumentOutOfRangeException("authenticationType"); } // We only support Anyone for the internal mode at the moment if (authenticationType == AuthenticationType.Internal) { if (!CompareToAnyone(name) && !CompareToOwner(name)) { // we only support Anyone as internal user throw new ArgumentOutOfRangeException("name"); } } _name = name; _authenticationType = authenticationType; } ////// Currently only 2 Authentication types supported Windows and Passport /// public AuthenticationType AuthenticationType { get { SecurityHelper.DemandRightsManagementPermission(); return _authenticationType; } } ////// Fully qualified SMTP address. /// public string Name { get { SecurityHelper.DemandRightsManagementPermission(); return _name; } } ////// Return true if the current User currently authenticated, which means that initialization /// process will likely not require a prompt. /// We check if the machine and the user are activated. /// We don't check the existence of a client licensor certificate since it is only /// required for publishing only /// public bool IsAuthenticated() { SecurityHelper.DemandRightsManagementPermission(); // we can only have activated Windows or Passport users // undefined authentication type can only be used for building a UnsignedPublishLicense if ((_authenticationType != AuthenticationType.Windows) && (_authenticationType != AuthenticationType.Passport)) { return false; } // User specific client session to check it's status using (ClientSession userClientSession = new ClientSession(this)) { return (userClientSession.IsMachineActivated() && userClientSession.IsUserActivated()); } } ////// Test for equality. /// public override bool Equals(object obj) { SecurityHelper.DemandRightsManagementPermission(); if (obj == null) return false; // Standard behavior. if (GetType() != obj.GetType()) return false; // Different type. ContentUser userObj = (ContentUser)obj; return (String.CompareOrdinal(_name.ToUpperInvariant(), userObj._name.ToUpperInvariant()) == 0) && _authenticationType.Equals(userObj._authenticationType); } ////// Returns an instance of the User class that identifyes "Anyone" persona. /// This user has authentication type "Internal" and Name "Anyone". /// If this such user was granted rights dutring publishing; server will issue Use License /// to anyone who requests one, but it will be attached to the requesting user. /// public static ContentUser AnyoneUser { get { SecurityHelper.DemandRightsManagementPermission(); if (_anyoneUser == null) { _anyoneUser = new ContentUser(AnyoneUserName, AuthenticationType.Internal); } return _anyoneUser; } } ////// Returns an instance of the User class that identifies "Owner" persona. /// This user has authentication type Internal and Name "Owner". /// This is mostly used by the server side templates to give special rights to the /// Publisher/author who would be building a protected document using those templates /// public static ContentUser OwnerUser { get { SecurityHelper.DemandRightsManagementPermission(); if (_ownerUser == null) { _ownerUser = new ContentUser(OwnerUserName, AuthenticationType.Internal); } return _ownerUser; } } ////// Compute hash code. /// public override int GetHashCode() { SecurityHelper.DemandRightsManagementPermission(); if (!hashCalcIsDone) { StringBuilder hashString = new StringBuilder(_name.ToUpperInvariant()); hashString.Append(_authenticationType.ToString()); hashValue = (hashString.ToString()).GetHashCode(); hashCalcIsDone = true; } return hashValue; } ////// Converts AuthenticationType to AuthenticationProviderType string require for a client session /// internal string AuthenticationProviderType { get { if (_authenticationType == AuthenticationType.Windows) { return WindowsAuthProvider; } else if (_authenticationType == AuthenticationType.Passport) { return PassportAuthProvider; } else { Invariant.Assert(false, "AuthenticationProviderType can only be queried for Windows or Passport authentication"); return null; } } } ////// Generic test for equality. This method allows any types based on ContentUser /// to be comparable. /// ////// TreatAsSafe: This method may be called indirectly from a Partial Trust environment. /// It only performs a safe string comparison. /// [SecurityTreatAsSafe] internal bool GenericEquals(ContentUser userObj) { // this checks for null argument if (userObj == null) { return false; } else { return (String.CompareOrdinal(_name.ToUpperInvariant(), userObj._name.ToUpperInvariant()) == 0) && _authenticationType.Equals(userObj._authenticationType); } } ////// Implements the IEqualityComparer generic interface to be /// used in a Dictionary with ContentUser as key type. /// This interface allows any types based on ContentUser to be /// comparable. /// ////// TreatAsSafe: The methods of this class may be called indirectly from /// a Partial Trust environment. /// Both methods only validate their parameters, then call other safe methods. /// [SecurityTreatAsSafe] internal sealed class ContentUserComparer : IEqualityComparer{ bool IEqualityComparer .Equals(ContentUser user1, ContentUser user2) { Invariant.Assert(user1 != null, "user1 should not be null"); return user1.GenericEquals(user2); } int IEqualityComparer .GetHashCode(ContentUser user) { Invariant.Assert(user != null, "user should not be null"); return user.GetHashCode(); } } /// /// A comparer that can be passed to a Dictionary to allow /// generic match for different types based on ContentUser. /// ////// TreatAsSafe: This field will be accessed by SecurityTransparent code. It's static, readonly. /// It's safe to allow access from SecurityTransparent code. /// [SecurityTreatAsSafe] internal static readonly ContentUserComparer _contentUserComparer = new ContentUserComparer(); internal static bool CompareToAnyone(string name) { return (0 == String.CompareOrdinal(AnyoneUserName.ToUpperInvariant(), name.ToUpperInvariant())); } internal static bool CompareToOwner(string name) { return (0 == String.CompareOrdinal(OwnerUserName.ToUpperInvariant(), name.ToUpperInvariant())); } private const string WindowsAuthProvider = "WindowsAuthProvider"; private const string PassportAuthProvider = "PassportAuthProvider"; private const string OwnerUserName = "Owner"; private static ContentUser _ownerUser; private const string AnyoneUserName = "Anyone"; private static ContentUser _anyoneUser; private string _name; private AuthenticationType _authenticationType; private int hashValue; private bool hashCalcIsDone; // flag that indicates the value in hasValue is already calculated and usable } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved. //------------------------------------------------------------------------------ // //// Copyright (C) Microsoft Corporation. All rights reserved. // // // Description: // This class implements the UnsignedPublishLicense class // this class is the first step in the RightsManagement publishing process // // History: // 06/01/2005: IgorBel : Initial Implementation // //----------------------------------------------------------------------------- using System; using System.Collections; using System.Collections.Generic; // for IEqualityComparergeneric interface. using System.Diagnostics; using System.Globalization; using System.Text; using System.Windows; using MS.Internal; // for Invariant using MS.Internal.Security.RightsManagement; using SecurityHelper = MS.Internal.WindowsBase.SecurityHelper; namespace System.Security.RightsManagement { /// /// This class represents a User for purposes of granting rights to that user, initializing secure environment for the user, /// or enumerating rights granted to various users. /// ////// Critical: This class expose access to methods that eventually do one or more of the the following /// 1. call into unmanaged code /// 2. affects state/data that will eventually cross over unmanaged code boundary /// 3. Return some RM related information which is considered private /// /// TreatAsSafe: This attrbiute automatically applied to all public entry points. All the public entry points have /// Demands for RightsManagementPermission at entry to counter the possible attacks that do /// not lead to the unamanged code directly(which is protected by another Demand there) but rather leave /// some status/data behind which eventually might cross the unamanaged boundary. /// [SecurityCritical(SecurityCriticalScope.Everything)] public class ContentUser { ////// This constructor creates a user that will be granted a right. Or used in other related scenarios like /// initializing secure environment for the user, or enumerating rights granted to various users. /// public ContentUser(string name, AuthenticationType authenticationType) { SecurityHelper.DemandRightsManagementPermission(); if (name == null) { throw new ArgumentNullException("name"); } if (name.Trim().Length == 0) { throw new ArgumentOutOfRangeException("name"); } if ((authenticationType != AuthenticationType.Windows) && (authenticationType != AuthenticationType.Passport) && (authenticationType != AuthenticationType.WindowsPassport) && (authenticationType != AuthenticationType.Internal)) { throw new ArgumentOutOfRangeException("authenticationType"); } // We only support Anyone for the internal mode at the moment if (authenticationType == AuthenticationType.Internal) { if (!CompareToAnyone(name) && !CompareToOwner(name)) { // we only support Anyone as internal user throw new ArgumentOutOfRangeException("name"); } } _name = name; _authenticationType = authenticationType; } ////// Currently only 2 Authentication types supported Windows and Passport /// public AuthenticationType AuthenticationType { get { SecurityHelper.DemandRightsManagementPermission(); return _authenticationType; } } ////// Fully qualified SMTP address. /// public string Name { get { SecurityHelper.DemandRightsManagementPermission(); return _name; } } ////// Return true if the current User currently authenticated, which means that initialization /// process will likely not require a prompt. /// We check if the machine and the user are activated. /// We don't check the existence of a client licensor certificate since it is only /// required for publishing only /// public bool IsAuthenticated() { SecurityHelper.DemandRightsManagementPermission(); // we can only have activated Windows or Passport users // undefined authentication type can only be used for building a UnsignedPublishLicense if ((_authenticationType != AuthenticationType.Windows) && (_authenticationType != AuthenticationType.Passport)) { return false; } // User specific client session to check it's status using (ClientSession userClientSession = new ClientSession(this)) { return (userClientSession.IsMachineActivated() && userClientSession.IsUserActivated()); } } ////// Test for equality. /// public override bool Equals(object obj) { SecurityHelper.DemandRightsManagementPermission(); if (obj == null) return false; // Standard behavior. if (GetType() != obj.GetType()) return false; // Different type. ContentUser userObj = (ContentUser)obj; return (String.CompareOrdinal(_name.ToUpperInvariant(), userObj._name.ToUpperInvariant()) == 0) && _authenticationType.Equals(userObj._authenticationType); } ////// Returns an instance of the User class that identifyes "Anyone" persona. /// This user has authentication type "Internal" and Name "Anyone". /// If this such user was granted rights dutring publishing; server will issue Use License /// to anyone who requests one, but it will be attached to the requesting user. /// public static ContentUser AnyoneUser { get { SecurityHelper.DemandRightsManagementPermission(); if (_anyoneUser == null) { _anyoneUser = new ContentUser(AnyoneUserName, AuthenticationType.Internal); } return _anyoneUser; } } ////// Returns an instance of the User class that identifies "Owner" persona. /// This user has authentication type Internal and Name "Owner". /// This is mostly used by the server side templates to give special rights to the /// Publisher/author who would be building a protected document using those templates /// public static ContentUser OwnerUser { get { SecurityHelper.DemandRightsManagementPermission(); if (_ownerUser == null) { _ownerUser = new ContentUser(OwnerUserName, AuthenticationType.Internal); } return _ownerUser; } } ////// Compute hash code. /// public override int GetHashCode() { SecurityHelper.DemandRightsManagementPermission(); if (!hashCalcIsDone) { StringBuilder hashString = new StringBuilder(_name.ToUpperInvariant()); hashString.Append(_authenticationType.ToString()); hashValue = (hashString.ToString()).GetHashCode(); hashCalcIsDone = true; } return hashValue; } ////// Converts AuthenticationType to AuthenticationProviderType string require for a client session /// internal string AuthenticationProviderType { get { if (_authenticationType == AuthenticationType.Windows) { return WindowsAuthProvider; } else if (_authenticationType == AuthenticationType.Passport) { return PassportAuthProvider; } else { Invariant.Assert(false, "AuthenticationProviderType can only be queried for Windows or Passport authentication"); return null; } } } ////// Generic test for equality. This method allows any types based on ContentUser /// to be comparable. /// ////// TreatAsSafe: This method may be called indirectly from a Partial Trust environment. /// It only performs a safe string comparison. /// [SecurityTreatAsSafe] internal bool GenericEquals(ContentUser userObj) { // this checks for null argument if (userObj == null) { return false; } else { return (String.CompareOrdinal(_name.ToUpperInvariant(), userObj._name.ToUpperInvariant()) == 0) && _authenticationType.Equals(userObj._authenticationType); } } ////// Implements the IEqualityComparer generic interface to be /// used in a Dictionary with ContentUser as key type. /// This interface allows any types based on ContentUser to be /// comparable. /// ////// TreatAsSafe: The methods of this class may be called indirectly from /// a Partial Trust environment. /// Both methods only validate their parameters, then call other safe methods. /// [SecurityTreatAsSafe] internal sealed class ContentUserComparer : IEqualityComparer{ bool IEqualityComparer .Equals(ContentUser user1, ContentUser user2) { Invariant.Assert(user1 != null, "user1 should not be null"); return user1.GenericEquals(user2); } int IEqualityComparer .GetHashCode(ContentUser user) { Invariant.Assert(user != null, "user should not be null"); return user.GetHashCode(); } } /// /// A comparer that can be passed to a Dictionary to allow /// generic match for different types based on ContentUser. /// ////// TreatAsSafe: This field will be accessed by SecurityTransparent code. It's static, readonly. /// It's safe to allow access from SecurityTransparent code. /// [SecurityTreatAsSafe] internal static readonly ContentUserComparer _contentUserComparer = new ContentUserComparer(); internal static bool CompareToAnyone(string name) { return (0 == String.CompareOrdinal(AnyoneUserName.ToUpperInvariant(), name.ToUpperInvariant())); } internal static bool CompareToOwner(string name) { return (0 == String.CompareOrdinal(OwnerUserName.ToUpperInvariant(), name.ToUpperInvariant())); } private const string WindowsAuthProvider = "WindowsAuthProvider"; private const string PassportAuthProvider = "PassportAuthProvider"; private const string OwnerUserName = "Owner"; private static ContentUser _ownerUser; private const string AnyoneUserName = "Anyone"; private static ContentUser _anyoneUser; private string _name; private AuthenticationType _authenticationType; private int hashValue; private bool hashCalcIsDone; // flag that indicates the value in hasValue is already calculated and usable } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ListBox.cs
- SetterBase.cs
- PerformanceCounterLib.cs
- TraceLog.cs
- DataGridViewColumnEventArgs.cs
- DataGridViewColumnEventArgs.cs
- NavigationExpr.cs
- SynchronizedDisposablePool.cs
- DataContractSerializerMessageContractImporter.cs
- PerformanceCounterPermissionAttribute.cs
- CanExpandCollapseAllConverter.cs
- HttpEncoderUtility.cs
- CapiHashAlgorithm.cs
- SharedUtils.cs
- InkCanvasInnerCanvas.cs
- ParamArrayAttribute.cs
- EventRecord.cs
- FigureParagraph.cs
- RoutedEventHandlerInfo.cs
- AssemblyCache.cs
- Image.cs
- LineBreak.cs
- AsnEncodedData.cs
- ILGenerator.cs
- LockedHandleGlyph.cs
- XmlSchemaObjectCollection.cs
- CommandValueSerializer.cs
- DataSourceListEditor.cs
- SiteMapDataSourceView.cs
- WebPartCloseVerb.cs
- OleAutBinder.cs
- EntityClassGenerator.cs
- PipelineComponent.cs
- ToolboxItemSnapLineBehavior.cs
- UnicodeEncoding.cs
- PolicyManager.cs
- SqlStream.cs
- CmsInterop.cs
- LogExtentCollection.cs
- controlskin.cs
- SecurityDescriptor.cs
- PropertyEntry.cs
- RuntimeVariablesExpression.cs
- CounterSample.cs
- VisualBasic.cs
- UpDownEvent.cs
- ExpandedWrapper.cs
- MiniAssembly.cs
- RtfFormatStack.cs
- MaskedTextBox.cs
- SecurityChannelListener.cs
- BinaryParser.cs
- IERequestCache.cs
- MembershipValidatePasswordEventArgs.cs
- DataServiceRequest.cs
- Vector3DKeyFrameCollection.cs
- InputScopeNameConverter.cs
- ServiceKnownTypeAttribute.cs
- AttributeEmitter.cs
- RemotingConfigParser.cs
- ColorDialog.cs
- URLString.cs
- ReflectionUtil.cs
- UrlMappingCollection.cs
- StatusBar.cs
- ReflectionHelper.cs
- Propagator.ExtentPlaceholderCreator.cs
- _TLSstream.cs
- InstanceContextManager.cs
- x509utils.cs
- AuthenticatedStream.cs
- CodeLinePragma.cs
- base64Transforms.cs
- Block.cs
- DataRelationCollection.cs
- ProcessModuleCollection.cs
- RegexCapture.cs
- GridViewRowCollection.cs
- Compilation.cs
- InternalsVisibleToAttribute.cs
- ModelPropertyImpl.cs
- List.cs
- ServiceRoute.cs
- Membership.cs
- HttpStaticObjectsCollectionBase.cs
- HostingEnvironment.cs
- DataGridViewRowHeightInfoPushedEventArgs.cs
- InvokeMemberBinder.cs
- ReturnType.cs
- ContextItemManager.cs
- SafeRightsManagementSessionHandle.cs
- TargetException.cs
- TextTreeTextNode.cs
- SimpleWorkerRequest.cs
- TableColumnCollection.cs
- AddValidationError.cs
- SqlConnectionString.cs
- OrderToken.cs
- CodePrimitiveExpression.cs
- SafeNativeMethodsCLR.cs