Custom Permission and SecurityManager.IsGranted

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

After reading Eugene Bobukh's blog entry about creating custom non-CAS
permissions, I developed a few custom permissions to satisfy the needs of an
application I'm currently working on.

For reference, the blog entry I'm referring to can be found here:

http://blogs.msdn.com/eugene_bobukh/archive/2004/03/10/87645.aspx

Everything Eugene talked about works fine, but one thing that doesn't seem
to work is using custom permissions with the SecurityManager.IsGranted
method. When SecurityManager.IsGranted is called, IPermission.IsSubsetOf
gets called as well, but the IPermission target parameter is always null. I
verified that this happens with Euguene's sample code as well.

For example:

WorkingTimePermission p = new WorkingTimePermission();

if (SecurityManager.IsGranted(p))
{
// Enable application UI tabs which should be available only during
working hours.
}

When stepping through the code, SecurityManager.IsGranted does some
processing and then WorkingTimePermission.IsSubsetOf gets called, but with a
null IPermission target parameter.

Can anyone shed some light on why this may be happening?

Thanks in advance,

Jason
 
After reading Eugene Bobukh's blog entry about creating custom
non-CAS permissions, I developed a few custom permissions to
satisfy the needs of an application I'm currently working on.

For reference, the blog entry I'm referring to can be found
here:

http://blogs.msdn.com/eugene_bobukh/archive/2004/03/10/87645.aspx

Everything Eugene talked about works fine, but one thing that
doesn't seem to work is using custom permissions with the
SecurityManager.IsGranted method. When
SecurityManager.IsGranted is called, IPermission.IsSubsetOf gets
called as well, but the IPermission target parameter is always
null. I verified that this happens with Euguene's sample code
as well.

For example:

WorkingTimePermission p = new WorkingTimePermission();

if (SecurityManager.IsGranted(p))
{
// Enable application UI tabs which should be available
only during
working hours.
}

When stepping through the code, SecurityManager.IsGranted does
some processing and then WorkingTimePermission.IsSubsetOf gets
called, but with a null IPermission target parameter.

Can anyone shed some light on why this may be happening?
Click to expand...

Jason,

SecurityManager.IsGranted() determines whether a permission is
granted by examining the CAS permissions that have been granted by
the administrator. Since WorkingTimePermission is a non-CAS
permission, that means the security policies set by the administrator
have no impact regarding that permission. In other words, there is
no way for an administrator to grant or revoke a
WorkingTimePermission. Therefore SecurityManager.IsGranted() will
always return false for WorkingTimePermission().

WorkingTimePermission.Demand() is the method to use:


WorkingTimePermission p = new WorkingTimePermission();

try
{
p.Demand();
// If code gets here, then the permission was granted.

// Enable application UI tabs which should be available
// only during working hours.
}
catch (SecurityException ex)
{
// Permission was not granted.
}
 
After digging through the rotor source, I was able to determine just that;
IsGranted won't work with non-CAS permissions. Having said that though,
what's the best method for applications to use when they want to know if a
demand will fail without having to catch SecurityException? I'm looking for
a simple method like IsGranted that returns bool. It looks exactly like
that's what IsGranted was tailored to do. Also, is there a reason IsGranted
isn't verifying that the IPermission provided is CAS related?

Thanks again,

Jason
 
After digging through the rotor source, I was able to determine
just that; IsGranted won't work with non-CAS permissions.
Click to expand...

Jason,

Are you familiar with Reflector? It's a great utility for
disassembling the .Net framework methods to find out what's really
being executed:

http://www.aisto.com/roeder/dotnet/
Having said that though, what's the best method for applications
to use when they want to know if a demand will fail without
having to catch SecurityException? I'm looking for a simple
method like IsGranted that returns bool. It looks exactly like
that's what IsGranted was tailored to do.
Click to expand...

It took me a while to get used to CAS vs. non-CAS permissions, and
to realize that key phrases like "security policies" and "policy"
only apply to CAS permissions. Once I got comfortable with that,
deciphering apparently innocent help entries like
SecurityManager.IsGranted's Remarks section became much easier:

"Granting of permissions is determined by policy..."

This implies - but doesn't explicitly state - that the method only
works with CAS permissions, because it is checking the current
security policy. It takes some getting used to.

I don't think there's a method in the framework that could
take a WorkingTimePermission parameter and determine if
its permission had been granted. Non-CAS permissions are what
I would dub "stand alone" permissions. They are unique by
nature and have no required dependencies except for IPermission.
All CAS permissions, on the other hand, are tied to the security
policies set by the administrator.

However, there is nothing to prevent you from creating your
own SecurityManager-type class that handles both CAS and
non-CAS permissions:


using System.Security;

// Untested.
public class MySecurityManager
{
// Usage: MySecurityManager.IsGranted(permissionInstance);

public static bool IsGranted(object perm)
{
// perm descends from CodeAccessPermission, so it's a
// CAS permission.
if (perm is CodeAccessPermission)
return SecurityManager.IsGranted(perm as IPermission);

// perm does not descend from CodeAccessPermission,
// but it implements the IPermission interface.
// That means it's a non-CAS permission.
if (perm is IPermission)
{
try
{
(perm as IPermission).Demand();
return true;
catch
{
return false;
}
}

// perm is not a permission.
return false;
}
}
Also, is there a
reason IsGranted isn't verifying that the IPermission provided
is CAS related?
Click to expand...

Yes, there is. SecurityManager.IsGranted takes an IPermission
parameter. IPermission provides no way of determining the
parentage of the perm parameter. So IsGranted can't tell if the
permisson descended from CodeAccessPermission or not.
 
Chris R. Timmons said:
Jason,

Are you familiar with Reflector? It's a great utility for
disassembling the .Net framework methods to find out what's really
being executed:

http://www.aisto.com/roeder/dotnet/
Click to expand...

Yep, I use Reflector all the time. I happened to be looking at some of the
Rotor source earlier so that that was a easier route at the time. But I
agree, Reflector is a godsend.
It took me a while to get used to CAS vs. non-CAS permissions, and
to realize that key phrases like "security policies" and "policy"
only apply to CAS permissions. Once I got comfortable with that,
deciphering apparently innocent help entries like
SecurityManager.IsGranted's Remarks section became much easier:

"Granting of permissions is determined by policy..."

This implies - but doesn't explicitly state - that the method only
works with CAS permissions, because it is checking the current
security policy. It takes some getting used to.
Click to expand...

Thanks for the explaination. After spending a few days getting intimitely
familiar with the .NET security system, everything is making a lot more sense.
I don't think there's a method in the framework that could
take a WorkingTimePermission parameter and determine if
its permission had been granted. Non-CAS permissions are what
I would dub "stand alone" permissions. They are unique by
nature and have no required dependencies except for IPermission.
All CAS permissions, on the other hand, are tied to the security
policies set by the administrator.

However, there is nothing to prevent you from creating your
own SecurityManager-type class that handles both CAS and
non-CAS permissions:
Click to expand...

I figured as much. I already have a SecurityManager like class in version 1
of the security library I developed for the last version of our product that
I'll easily integrate a similar method into. I am mainly concerned about
those developers who out of ignorance assume it's ok to pass my non-CAS
IPermission implementations into SecurityManager.IsGranted.

Thanks again for your help!
 
Back
Top