Principal Permissions
-
I'm trying to protect one of my classes using PrincipalPermissionAttribute. I'm setting it to only allow the code to execute only if a specific user is trying to run it. Here is the class declaration: [PrincipalPermissionAttribute(SecurityAction.Demand, Authenticated:=True, name:="MYDOMAIN\\Mauricio")] public class foo This code works fine but the problem is that it allows the usage of an GenericPrincipal object and I want it to use a WindowsPrincipal object. Allow it to use a GenericPrincipal will anyone to create a GenericPrincipal with that user name and execute the code. Like this: GenericIdentity oIdent = new GenericIdentity("MYDOMAIN\\Mauricio", "NTLM"); GenericPrincipal oPrinc = new GenericPrincipal(oPrinc, null); foo oFoo = new foo(); My question is: is there anyone to demand that a code only accepts WindowsPrincipals, and don't accept GenericPrincipals ? :wtf: thanks Mauricio Ritter - Brazil Sonorking now: 100.13560 MRitter
English is not my native language so, if you find any spelling erros in my posts, please let me know. -
I'm trying to protect one of my classes using PrincipalPermissionAttribute. I'm setting it to only allow the code to execute only if a specific user is trying to run it. Here is the class declaration: [PrincipalPermissionAttribute(SecurityAction.Demand, Authenticated:=True, name:="MYDOMAIN\\Mauricio")] public class foo This code works fine but the problem is that it allows the usage of an GenericPrincipal object and I want it to use a WindowsPrincipal object. Allow it to use a GenericPrincipal will anyone to create a GenericPrincipal with that user name and execute the code. Like this: GenericIdentity oIdent = new GenericIdentity("MYDOMAIN\\Mauricio", "NTLM"); GenericPrincipal oPrinc = new GenericPrincipal(oPrinc, null); foo oFoo = new foo(); My question is: is there anyone to demand that a code only accepts WindowsPrincipals, and don't accept GenericPrincipals ? :wtf: thanks Mauricio Ritter - Brazil Sonorking now: 100.13560 MRitter
English is not my native language so, if you find any spelling erros in my posts, please let me know.The only way you'll be able to do this is to extend the
PrincipalPermissionandPrincipalPermissionAttributeclasses, or create your own. You could do the very same things, except check the Type againstWindowsPrincipalthat you get back fromThread.CurrentPrincipal. The current implementation doesn't care about the Type, so long as it implementsIPrincipal. If you want to know exactly what the current classes mentioned above are doing, you can use ildasm.exe that ships with the .NET Framework SDK if you know IL (and it wouldn't hurt to know anyway), or use a good decompiler like .NET Reflector[^].Microsoft MVP, Visual C# My Articles