Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / cdf / src / WCF / System.ServiceModel.Activation / System / ServiceModel / Activation / AspNetPartialTrustHelpers.cs / 1305376 / AspNetPartialTrustHelpers.cs
//------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.ServiceModel { using System.Runtime; using System.Security; using System.Security.Permissions; using System.Threading; using System.Web; static class AspNetPartialTrustHelpers { [Fx.Tag.SecurityNote(Critical = "Caches the PermissionSet associated with the asp.net trust level." + "This will not change over the life of the AppDomain.")] [SecurityCritical] static SecurityContext aspNetSecurityContext; [Fx.Tag.SecurityNote(Critical = "If erroneously set to true, could bypass the PermitOnly.")] [SecurityCritical] static bool isInitialized; [Fx.Tag.SecurityNote(Miscellaneous = "RequiresReview - determines if the given PermissionSet is full trust." + "We will base subsequent security decisions on this.")] static bool IsFullTrust(PermissionSet perms) { return perms == null || perms.IsUnrestricted(); } internal static bool NeedPartialTrustInvoke { [Fx.Tag.SecurityNote(Critical = "Makes a security sensitive decision, updates aspNetSecurityContext and isInitialized.", Safe = "Ok to know whether the ASP app is partial trust.")] [SecuritySafeCritical] get { if (!isInitialized) { NamedPermissionSet aspNetPermissionSet = GetHttpRuntimeNamedPermissionSet(); if (!IsFullTrust(aspNetPermissionSet)) { try { aspNetPermissionSet.PermitOnly(); aspNetSecurityContext = System.Runtime.PartialTrustHelpers.CaptureSecurityContextNoIdentityFlow(); } finally { CodeAccessPermission.RevertPermitOnly(); } } isInitialized = true; } return aspNetSecurityContext != null; } } [Fx.Tag.SecurityNote(Critical = "Asserts AspNetHostingPermission.")] [SecurityCritical] [AspNetHostingPermission(SecurityAction.Assert, Level=AspNetHostingPermissionLevel.Unrestricted)] static NamedPermissionSet GetHttpRuntimeNamedPermissionSet() { return HttpRuntime.GetNamedPermissionSet(); } [Fx.Tag.SecurityNote(Critical = "Touches aspNetSecurityContext.", Safe = "Ok to invoke the user's delegate under the PT context.")] [SecuritySafeCritical] internal static void PartialTrustInvoke(ContextCallback callback, object state) { if (NeedPartialTrustInvoke) { SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state); } else { callback(state); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. //------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.ServiceModel { using System.Runtime; using System.Security; using System.Security.Permissions; using System.Threading; using System.Web; static class AspNetPartialTrustHelpers { [Fx.Tag.SecurityNote(Critical = "Caches the PermissionSet associated with the asp.net trust level." + "This will not change over the life of the AppDomain.")] [SecurityCritical] static SecurityContext aspNetSecurityContext; [Fx.Tag.SecurityNote(Critical = "If erroneously set to true, could bypass the PermitOnly.")] [SecurityCritical] static bool isInitialized; [Fx.Tag.SecurityNote(Miscellaneous = "RequiresReview - determines if the given PermissionSet is full trust." + "We will base subsequent security decisions on this.")] static bool IsFullTrust(PermissionSet perms) { return perms == null || perms.IsUnrestricted(); } internal static bool NeedPartialTrustInvoke { [Fx.Tag.SecurityNote(Critical = "Makes a security sensitive decision, updates aspNetSecurityContext and isInitialized.", Safe = "Ok to know whether the ASP app is partial trust.")] [SecuritySafeCritical] get { if (!isInitialized) { NamedPermissionSet aspNetPermissionSet = GetHttpRuntimeNamedPermissionSet(); if (!IsFullTrust(aspNetPermissionSet)) { try { aspNetPermissionSet.PermitOnly(); aspNetSecurityContext = System.Runtime.PartialTrustHelpers.CaptureSecurityContextNoIdentityFlow(); } finally { CodeAccessPermission.RevertPermitOnly(); } } isInitialized = true; } return aspNetSecurityContext != null; } } [Fx.Tag.SecurityNote(Critical = "Asserts AspNetHostingPermission.")] [SecurityCritical] [AspNetHostingPermission(SecurityAction.Assert, Level=AspNetHostingPermissionLevel.Unrestricted)] static NamedPermissionSet GetHttpRuntimeNamedPermissionSet() { return HttpRuntime.GetNamedPermissionSet(); } [Fx.Tag.SecurityNote(Critical = "Touches aspNetSecurityContext.", Safe = "Ok to invoke the user's delegate under the PT context.")] [SecuritySafeCritical] internal static void PartialTrustInvoke(ContextCallback callback, object state) { if (NeedPartialTrustInvoke) { SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state); } else { callback(state); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- Stylesheet.cs
- OpenFileDialog.cs
- parserscommon.cs
- SspiHelper.cs
- WebPartDisplayModeCollection.cs
- SqlBulkCopyColumnMappingCollection.cs
- OleDbReferenceCollection.cs
- FormsAuthenticationCredentials.cs
- ValueTypePropertyReference.cs
- FrameworkObject.cs
- TextTreeUndoUnit.cs
- StackSpiller.Generated.cs
- RangeExpression.cs
- FormsAuthenticationModule.cs
- XPathDocumentBuilder.cs
- InitializingNewItemEventArgs.cs
- DataBoundControlHelper.cs
- StringUtil.cs
- DocobjHost.cs
- DBSqlParserColumn.cs
- Int32Rect.cs
- ColorConvertedBitmap.cs
- LabelLiteral.cs
- EncodingInfo.cs
- AllMembershipCondition.cs
- StringValidatorAttribute.cs
- SchemaTableOptionalColumn.cs
- AtomEntry.cs
- ColumnHeaderConverter.cs
- XmlSchemaSimpleTypeRestriction.cs
- XmlCharCheckingReader.cs
- AmbiguousMatchException.cs
- ISAPIApplicationHost.cs
- ChooseAction.cs
- TextDecorationLocationValidation.cs
- SubpageParaClient.cs
- DictionaryCustomTypeDescriptor.cs
- VisualTarget.cs
- SmtpAuthenticationManager.cs
- XmlSchemaRedefine.cs
- dataSvcMapFileLoader.cs
- ItemCollection.cs
- HttpInputStream.cs
- RenderingBiasValidation.cs
- SqlCacheDependencySection.cs
- ExpressionConverter.cs
- SignatureHelper.cs
- StreamInfo.cs
- ComponentCollection.cs
- httpapplicationstate.cs
- CqlParserHelpers.cs
- PersonalizationProviderHelper.cs
- BoundField.cs
- WorkflowOwnerAsyncResult.cs
- TextDocumentView.cs
- GrammarBuilderWildcard.cs
- TemplatePagerField.cs
- WebPartRestoreVerb.cs
- RefType.cs
- TriggerActionCollection.cs
- OutputCacheProviderCollection.cs
- DtrList.cs
- SimpleWorkerRequest.cs
- TriState.cs
- PDBReader.cs
- WebException.cs
- AutomationIdentifier.cs
- BlobPersonalizationState.cs
- RichTextBox.cs
- SafeHandle.cs
- Validator.cs
- webproxy.cs
- StaticFileHandler.cs
- TimeoutException.cs
- MethodBody.cs
- ReliableReplySessionChannel.cs
- DataGridAutoGeneratingColumnEventArgs.cs
- LocalizableAttribute.cs
- SQLStringStorage.cs
- Rule.cs
- ReadOnlyHierarchicalDataSource.cs
- coordinator.cs
- CssClassPropertyAttribute.cs
- PinnedBufferMemoryStream.cs
- Stroke.cs
- SoapAttributeAttribute.cs
- RegisteredHiddenField.cs
- NativeCppClassAttribute.cs
- DetailsViewInsertEventArgs.cs
- AutomationAttributeInfo.cs
- SurrogateEncoder.cs
- DynamicDiscoSearcher.cs
- ClrProviderManifest.cs
- FontNamesConverter.cs
- ColorAnimationUsingKeyFrames.cs
- MenuItemCollection.cs
- HideDisabledControlAdapter.cs
- SecurityTokenResolver.cs
- BulletedList.cs
- Underline.cs