Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / cdf / src / WCF / System.ServiceModel.Activation / System / ServiceModel / Activation / AspNetPartialTrustHelpers.cs / 1305376 / AspNetPartialTrustHelpers.cs
//------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.ServiceModel { using System.Runtime; using System.Security; using System.Security.Permissions; using System.Threading; using System.Web; static class AspNetPartialTrustHelpers { [Fx.Tag.SecurityNote(Critical = "Caches the PermissionSet associated with the asp.net trust level." + "This will not change over the life of the AppDomain.")] [SecurityCritical] static SecurityContext aspNetSecurityContext; [Fx.Tag.SecurityNote(Critical = "If erroneously set to true, could bypass the PermitOnly.")] [SecurityCritical] static bool isInitialized; [Fx.Tag.SecurityNote(Miscellaneous = "RequiresReview - determines if the given PermissionSet is full trust." + "We will base subsequent security decisions on this.")] static bool IsFullTrust(PermissionSet perms) { return perms == null || perms.IsUnrestricted(); } internal static bool NeedPartialTrustInvoke { [Fx.Tag.SecurityNote(Critical = "Makes a security sensitive decision, updates aspNetSecurityContext and isInitialized.", Safe = "Ok to know whether the ASP app is partial trust.")] [SecuritySafeCritical] get { if (!isInitialized) { NamedPermissionSet aspNetPermissionSet = GetHttpRuntimeNamedPermissionSet(); if (!IsFullTrust(aspNetPermissionSet)) { try { aspNetPermissionSet.PermitOnly(); aspNetSecurityContext = System.Runtime.PartialTrustHelpers.CaptureSecurityContextNoIdentityFlow(); } finally { CodeAccessPermission.RevertPermitOnly(); } } isInitialized = true; } return aspNetSecurityContext != null; } } [Fx.Tag.SecurityNote(Critical = "Asserts AspNetHostingPermission.")] [SecurityCritical] [AspNetHostingPermission(SecurityAction.Assert, Level=AspNetHostingPermissionLevel.Unrestricted)] static NamedPermissionSet GetHttpRuntimeNamedPermissionSet() { return HttpRuntime.GetNamedPermissionSet(); } [Fx.Tag.SecurityNote(Critical = "Touches aspNetSecurityContext.", Safe = "Ok to invoke the user's delegate under the PT context.")] [SecuritySafeCritical] internal static void PartialTrustInvoke(ContextCallback callback, object state) { if (NeedPartialTrustInvoke) { SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state); } else { callback(state); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. //------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.ServiceModel { using System.Runtime; using System.Security; using System.Security.Permissions; using System.Threading; using System.Web; static class AspNetPartialTrustHelpers { [Fx.Tag.SecurityNote(Critical = "Caches the PermissionSet associated with the asp.net trust level." + "This will not change over the life of the AppDomain.")] [SecurityCritical] static SecurityContext aspNetSecurityContext; [Fx.Tag.SecurityNote(Critical = "If erroneously set to true, could bypass the PermitOnly.")] [SecurityCritical] static bool isInitialized; [Fx.Tag.SecurityNote(Miscellaneous = "RequiresReview - determines if the given PermissionSet is full trust." + "We will base subsequent security decisions on this.")] static bool IsFullTrust(PermissionSet perms) { return perms == null || perms.IsUnrestricted(); } internal static bool NeedPartialTrustInvoke { [Fx.Tag.SecurityNote(Critical = "Makes a security sensitive decision, updates aspNetSecurityContext and isInitialized.", Safe = "Ok to know whether the ASP app is partial trust.")] [SecuritySafeCritical] get { if (!isInitialized) { NamedPermissionSet aspNetPermissionSet = GetHttpRuntimeNamedPermissionSet(); if (!IsFullTrust(aspNetPermissionSet)) { try { aspNetPermissionSet.PermitOnly(); aspNetSecurityContext = System.Runtime.PartialTrustHelpers.CaptureSecurityContextNoIdentityFlow(); } finally { CodeAccessPermission.RevertPermitOnly(); } } isInitialized = true; } return aspNetSecurityContext != null; } } [Fx.Tag.SecurityNote(Critical = "Asserts AspNetHostingPermission.")] [SecurityCritical] [AspNetHostingPermission(SecurityAction.Assert, Level=AspNetHostingPermissionLevel.Unrestricted)] static NamedPermissionSet GetHttpRuntimeNamedPermissionSet() { return HttpRuntime.GetNamedPermissionSet(); } [Fx.Tag.SecurityNote(Critical = "Touches aspNetSecurityContext.", Safe = "Ok to invoke the user's delegate under the PT context.")] [SecuritySafeCritical] internal static void PartialTrustInvoke(ContextCallback callback, object state) { if (NeedPartialTrustInvoke) { SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state); } else { callback(state); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ItemCheckEvent.cs
- MenuItem.cs
- Command.cs
- XpsException.cs
- DataGridAddNewRow.cs
- DockPanel.cs
- CollectionBase.cs
- HttpGetProtocolImporter.cs
- ObjectListSelectEventArgs.cs
- SystemIPv6InterfaceProperties.cs
- ApplicationId.cs
- PeerToPeerException.cs
- Listen.cs
- OrderedDictionaryStateHelper.cs
- BinaryFormatter.cs
- TemplateBindingExpressionConverter.cs
- SynchronizedDispatch.cs
- AmbiguousMatchException.cs
- CacheDependency.cs
- MemoryRecordBuffer.cs
- TimersDescriptionAttribute.cs
- CustomDictionarySources.cs
- XmlObjectSerializerWriteContextComplexJson.cs
- QueryExpr.cs
- HierarchicalDataSourceDesigner.cs
- ReversePositionQuery.cs
- ErrorWrapper.cs
- InvokeHandlers.cs
- XmlComment.cs
- ThicknessAnimationBase.cs
- ReflectionHelper.cs
- BuildProviderCollection.cs
- LineVisual.cs
- ContentFileHelper.cs
- LightweightCodeGenerator.cs
- ClientCultureInfo.cs
- CollectionDataContractAttribute.cs
- XmlSerializerFactory.cs
- TouchesCapturedWithinProperty.cs
- RedistVersionInfo.cs
- BuildProvidersCompiler.cs
- NaturalLanguageHyphenator.cs
- DataListItemEventArgs.cs
- CustomValidator.cs
- XmlDocumentFragment.cs
- SettingsContext.cs
- ListViewDeletedEventArgs.cs
- Misc.cs
- NodeFunctions.cs
- wmiprovider.cs
- TextDecorationCollection.cs
- MediaContextNotificationWindow.cs
- XmlSignatureManifest.cs
- CookielessHelper.cs
- WebPartPersonalization.cs
- StrongNameMembershipCondition.cs
- HyperLinkField.cs
- UIPropertyMetadata.cs
- PLINQETWProvider.cs
- EntityStoreSchemaGenerator.cs
- OptimizedTemplateContent.cs
- XComponentModel.cs
- AuthorizationRuleCollection.cs
- BuildDependencySet.cs
- ComponentDispatcher.cs
- CodeDirectionExpression.cs
- OpCellTreeNode.cs
- DesignTimeVisibleAttribute.cs
- FileDialog.cs
- SerializerDescriptor.cs
- AssertSection.cs
- DataViewManager.cs
- RequestCacheEntry.cs
- SchemaObjectWriter.cs
- DataGridViewCellStyle.cs
- XmlFormatReaderGenerator.cs
- TextElementEditingBehaviorAttribute.cs
- ZipIOLocalFileHeader.cs
- ServicePoint.cs
- ParsedAttributeCollection.cs
- HijriCalendar.cs
- TextBlock.cs
- Task.cs
- Types.cs
- ContractMethodInfo.cs
- TeredoHelper.cs
- UnauthorizedWebPart.cs
- SiteMapDataSourceView.cs
- TextTreeTextElementNode.cs
- SHA512Managed.cs
- MetafileHeader.cs
- ContractCodeDomInfo.cs
- DataTableReader.cs
- ClientScriptManagerWrapper.cs
- CodeNamespaceImportCollection.cs
- UserUseLicenseDictionaryLoader.cs
- CompilationRelaxations.cs
- ConnectionStringsSection.cs
- ProxyGenerator.cs
- TcpClientCredentialType.cs