Custom Principal Permission

From: Jose Lema (tankete@computer.org)
Date: 03/06/03 

From: "Jose Lema" <tankete@computer.org>
Date: Thu, 6 Mar 2003 02:20:44 -0800

First, let me say, "Thank you" to anyone who takes the
time to read this. It's a long message. And a big, "THANK
YOU" to anyone who can offer help.

For our web application, we have the need to enhance some
of the built in functionality surrounding authentication
and authorization. Using IsInRole() is not enough for the
tasks we're trying to accomplish. As a result, we know
that we need to "extend" the PrincipalPermission class.
Since it's a sealed class, and so inheritance is not
allowed, we've had to do some guessing as to how to
implement it. So far, our CustomPrincipalPermission class
is working...imperatively. That is, if I write code like
this, everything works.

try
{
   CustomPrincipalPermission p = new
CustomPrincipalPermission(xxx);
   p.Demand();

   ...continue with processing, assuming that caller has
appropriate permissions
   DoStuff();
}
catch (SecurityException e)
{
   ...caller did not have appropriate permissions via
CustomPrincipal
   ...do whatever...
}

Again, the above code works properly. On the other hand,
if I want to use declarative security, by creating the
custom attribute CustomPrincipalPermissionAttribute, then
the following code is <b>not</b> working.

[CustomPrincipalPermission(SecurityAction.Demand,
Role="xxx")]
public void DoStuff()
{
   ...only threads running with are associated with
CustomPrincipals
}

The above code compiles, but when the application runs,
all users are able to run right thru DoStuff(). That is,
the security checks are not happening.

After much investigation, I've found that the problem can
be viewed by looking at the disassembly of my calling
application's code. If I use <b>my</b>
CustomPrincipalPermissionAttribute, there is a line in
the method il that looks like this:

.method private hidebysig instance void DoStuff() cil
managed
{
  .permissionset demand = ()
  ...
}

If I change my application to just use <b>.NET's</b>
supplied PrincipalPermissionAttribute, there is a line in
the method il that looks like this:

.method private hidebysig instance void DoStuff() cil
managed
{
  .permissionset noncasdemand = (3C 00 50 00 65 00 72 00
6D 00 69 00 73 00 73 00 ...
  ...
}

Now, there are two things I see that are problematic for
me.
1. I don't know how to specify a noncasdemand, since the
SecurityAction enumeration does not include it.
2. My permission set is EMPTY! The xml was never written!
(Furthermore, all documentation about creating custom
permissions is around CAS, not role-based. So even my
ToXml() method is using a SecurityElement
of "IPermission", not "Permission", like the xml output
of PrincipalPermission)

Further investigation using the permview.exe tool,
provided with the .NET SDK, showed me the same thing.
When running with <b>.NET's</b>
PrincipalPermissionAttribute, the following is the output:

C:...>permview /decl test.exe
Method Test.Form1::DoStuff() NonCasDemand permission set:
<PermissionSet class="System.Security.PermissionSet"
version="1">
   <Permission
class="System.Security.Permissions.PrincipalPermission,
mscorlib, Version=1.0.3300.0, Culture=neutral,
PublicKeyToken=b77a5c561934e089" version="1">
      <Identity Authenticated="true" Role="xxx"/>
   </Permission>
</PermissionSet>

When I try and use <b>my</b>
CustomPrincipalPermissionAttribute, the following is the
output:

C:...>permview /decl test.exe
Method Test.Form1::DoStuff() Demand permission set:
<PermissionSet class="System.Security.PermissionSet"/>

Obviously, I need to find a way to get the permission xml
into the metadata. I just don't know how. I've already
implemented ISecurityEncodable in my
CustomPrincipalPermission class and I <b>know</b> it
works, because I can imperatively create a new instance
using the FromXml(SecurityElement e) method.

Hopefully you've followed this long-winded problem. I
believe the resolution is just a tweak away. Thanks in
advance for your replies.

JL

Relevant Pages

  • Custom Principal Permission
    ... So far, our CustomPrincipalPermission class ... the security checks are not happening. ... ..method private hidebysig instance void DoStuff() cil ... My permission set is EMPTY! ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Custom Principal Permission
    ... So far, our CustomPrincipalPermission class ... the security checks are not happening. ... .method private hidebysig instance void DoStuff() cil ... My permission set is EMPTY! ...
    (microsoft.public.dotnet.security)
  • Re: Custom Principal Permission
    ... > custom attribute CustomPrincipalPermissionAttribute, then ... > the security checks are not happening. ... > .method private hidebysig instance void DoStuff() cil ... My permission set is EMPTY! ...
    (microsoft.public.dotnet.security)
  • Re: Server Reports empty
    ... Security Exception ... To grant this application the required permission ... The server will start to collect new counter value from ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)
  • Re: Code Access Security, Evidence Based Security, Code Access Permission, Role Based Permission, et
    ... confused on the relationship between Code Access Security, Evidence Based ... Security, Code Access Permission, Role Based Permission, Declarative and ... user running it (if this is true, then only the Identity Permission Code ...
    (microsoft.public.dotnet.security)
Quantcast