Security Attributes without Try-Finally?

  • Thread starter Thread starter localhost
  • Start date Start date
L

localhost

I have decorated several classes and methods in an
ASP.NET appliation with declarative security attributes
for roles. For example:

[System.Security.Permissions.PrincipalPermission
(System.Security.Permissions.SecurityAction.Demand ,
Role="SomeRole")]

I currently use a Try...Finally block in calling code to
test a user's Role permissions. I would like to get away
from this and use a real logical construct.

How can I test for Role access with attributes and not
use Try...Finally?

Thanks.
 
Hi localhost,


Thank you for using Microsoft Newsgroup Sevice. Based on your description,
you are wanting to apply Role-based access checking in the some methods,
also you don't want to use the "Try ... catch ...Finally" style to check.
Is my understanding of'
your problem correct?

If so, here is some suggestions on it:

If you do not want a thrown exception to be the default behavior for
validation failure. In this case, you can use the static CurrentPrincipal
property on the System.Threading.Thread class to access the Principal
object and call its methods.

After obtaining the principal object, you can use conditional statements to
control access to your code based on the principal name as shown in the
following code example:

WindowsPrincipal MyPrincipal = (WindowsPrincipal) Thread.CurrentPrincipal;
if (MyPrincipal.Identity.Name == "fred")
// Permit access to some code.

You can also programmatically check role membership by calling the IsInRole
method on the current Principal object as shown in the following code
example:

WindowsPrincipal MyPrincipal = (Thread.CurrentPrincipal as
WindowsPrincipal);
if (MyPrincipal.IsInRole("Administrator")) {
// Permit access to some code.
}

The examples are from the MSDN Library in dotnet security section, if you
need detailed information on it, you can visit
this topic directly via the following weblink:
http://msdn.microsoft.com/library/en-us/cpguide/html/cpcondirectlyaccessingp
rincipalobject.asp?frame=true


Please try out the above suggestion. If you have any questions, please feel
free to let me know.


Merry Christmas!!

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
 
Back
Top