Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / cdf / src / WCF / System.ServiceModel.Activation / System / ServiceModel / Activation / AspNetPartialTrustHelpers.cs / 1305376 / AspNetPartialTrustHelpers.cs
//------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.ServiceModel { using System.Runtime; using System.Security; using System.Security.Permissions; using System.Threading; using System.Web; static class AspNetPartialTrustHelpers { [Fx.Tag.SecurityNote(Critical = "Caches the PermissionSet associated with the asp.net trust level." + "This will not change over the life of the AppDomain.")] [SecurityCritical] static SecurityContext aspNetSecurityContext; [Fx.Tag.SecurityNote(Critical = "If erroneously set to true, could bypass the PermitOnly.")] [SecurityCritical] static bool isInitialized; [Fx.Tag.SecurityNote(Miscellaneous = "RequiresReview - determines if the given PermissionSet is full trust." + "We will base subsequent security decisions on this.")] static bool IsFullTrust(PermissionSet perms) { return perms == null || perms.IsUnrestricted(); } internal static bool NeedPartialTrustInvoke { [Fx.Tag.SecurityNote(Critical = "Makes a security sensitive decision, updates aspNetSecurityContext and isInitialized.", Safe = "Ok to know whether the ASP app is partial trust.")] [SecuritySafeCritical] get { if (!isInitialized) { NamedPermissionSet aspNetPermissionSet = GetHttpRuntimeNamedPermissionSet(); if (!IsFullTrust(aspNetPermissionSet)) { try { aspNetPermissionSet.PermitOnly(); aspNetSecurityContext = System.Runtime.PartialTrustHelpers.CaptureSecurityContextNoIdentityFlow(); } finally { CodeAccessPermission.RevertPermitOnly(); } } isInitialized = true; } return aspNetSecurityContext != null; } } [Fx.Tag.SecurityNote(Critical = "Asserts AspNetHostingPermission.")] [SecurityCritical] [AspNetHostingPermission(SecurityAction.Assert, Level=AspNetHostingPermissionLevel.Unrestricted)] static NamedPermissionSet GetHttpRuntimeNamedPermissionSet() { return HttpRuntime.GetNamedPermissionSet(); } [Fx.Tag.SecurityNote(Critical = "Touches aspNetSecurityContext.", Safe = "Ok to invoke the user's delegate under the PT context.")] [SecuritySafeCritical] internal static void PartialTrustInvoke(ContextCallback callback, object state) { if (NeedPartialTrustInvoke) { SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state); } else { callback(state); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- TextBoxBaseDesigner.cs
- _CookieModule.cs
- SqlParameterCollection.cs
- RepeaterItem.cs
- DispatcherEventArgs.cs
- COM2PropertyDescriptor.cs
- WebPartTransformerCollection.cs
- TextChangedEventArgs.cs
- FontNamesConverter.cs
- StyleXamlParser.cs
- EdmProviderManifest.cs
- SingleAnimationUsingKeyFrames.cs
- TreeViewDesigner.cs
- SubclassTypeValidator.cs
- DataGridTable.cs
- BrowserDefinition.cs
- CanonicalFontFamilyReference.cs
- DispatcherEventArgs.cs
- PropertyBuilder.cs
- ReferenceEqualityComparer.cs
- ScopeElementCollection.cs
- XmlTypeAttribute.cs
- ByteAnimationBase.cs
- AsymmetricCryptoHandle.cs
- XmlAttributeAttribute.cs
- RadialGradientBrush.cs
- TransformerConfigurationWizardBase.cs
- SqlServer2KCompatibilityCheck.cs
- WebPartUtil.cs
- Compilation.cs
- NavigationFailedEventArgs.cs
- XmlSchemaSimpleTypeRestriction.cs
- ButtonBaseAutomationPeer.cs
- ByteAnimationBase.cs
- DelegatingTypeDescriptionProvider.cs
- SecurityIdentifierElementCollection.cs
- SendReply.cs
- Header.cs
- PropertyKey.cs
- ObjectToModelValueConverter.cs
- DataServices.cs
- Section.cs
- GeometryDrawing.cs
- SimplePropertyEntry.cs
- TTSEvent.cs
- DbConnectionPoolGroupProviderInfo.cs
- LifetimeServices.cs
- SettingsAttributes.cs
- AppSettingsReader.cs
- DependencyPropertyAttribute.cs
- SliderAutomationPeer.cs
- DbConnectionHelper.cs
- Msmq4PoisonHandler.cs
- CreationContext.cs
- NumberFormatInfo.cs
- MissingFieldException.cs
- RepeatInfo.cs
- DbProviderFactories.cs
- XPathNodeIterator.cs
- XmlSchemaAttributeGroupRef.cs
- webproxy.cs
- ElasticEase.cs
- ReflectionHelper.cs
- InputChannel.cs
- WebPartVerbCollection.cs
- PerformanceCounterPermissionEntryCollection.cs
- DecimalKeyFrameCollection.cs
- EntityDataSourceQueryBuilder.cs
- WmiEventSink.cs
- ProtocolViolationException.cs
- X509Certificate2.cs
- Label.cs
- Propagator.Evaluator.cs
- RawStylusInputCustomDataList.cs
- SafeNativeMethods.cs
- CreateParams.cs
- WebPartDisplayModeEventArgs.cs
- Clipboard.cs
- BamlRecordReader.cs
- FtpWebResponse.cs
- MessageQueueAccessControlEntry.cs
- Claim.cs
- Substitution.cs
- ManifestResourceInfo.cs
- panel.cs
- SqlNamer.cs
- RegexMatchCollection.cs
- PropertyGrid.cs
- CacheVirtualItemsEvent.cs
- LinqDataSourceStatusEventArgs.cs
- ExecutionEngineException.cs
- SafeUserTokenHandle.cs
- LabelInfo.cs
- BinaryNode.cs
- CodeParameterDeclarationExpressionCollection.cs
- Transform.cs
- SecurityAccessDeniedException.cs
- DependencyObject.cs
- CommandEventArgs.cs
- TypeInfo.cs