Security Framework Implementation

  • Thread starter Thread starter Sam.Net
  • Start date Start date
S

Sam.Net

hello all,

I am creating the security framework for one project. There is one security
check I want to perform.
That only the users with perticular role will be able to create object of
perticular class. Structure I am thinking of is as follows

[Permission("Admin")]
public class ABC
{
------
-------
}

Now I want to check this attribute some where in security manager. How do I
notify new object creation of ABC to Security manager I dont want keep
security related code in ABC. So that the entites will be unaware of any
security checks. And I want it to be declearative. Also I dont want to use
Unmanaged code to put this check and also the framework does not use code
access security

Thanks in advance
 
[Permission("Admin")]
public class ABC
{
------
-------
}

Now I want to check this attribute some where in security manager. How do
I notify new object creation of ABC to Security manager I dont want keep
security related code in ABC. So that the entites will be unaware of any
security checks. And I want it to be declearative. Also I dont want to use
Unmanaged code to put this check and also the framework does not use code
access security
Click to expand...

first of all you should check if such functionality is already implemented.
look at various attributes in System.Security, System.Security.Permissions.
most probably you will find an apropriate classes in .net framework's
library.

if you really have to implement your own security manager then one of
options would be building your own object hierarchy and implementing your
security manager in the constructor of a root class. any other classes that
inherit from the root will have this functionality "out-of-the-box".

using System;
using System.Reflection;

class MySec : Attribute
{
public string role;
public MySec( string role )
{
this.role = role;
}
}

// root of the hierarchy
class Root
{
// here you implement your own security manager
public Root()
{
Console.WriteLine( "security manager" );

Type t = this.GetType();
foreach ( object o in t.GetCustomAttributes(typeof(MySec), true ) )
{
MySec s = (MySec)o;
Console.WriteLine( s.role );
}

Console.WriteLine( "security manager ends" );
}
}

[MySec("Admin")]
class MyClass : Root
{
public MyClass()
{
Console.WriteLine( "subclass" );
}
}

class M
{
public static void Main()
{
MyClass c = new MyClass();
}
}

yet another option would be to adopt the Aspect Oriented Programming
paradigm. you can read more on how to use AOP under .NET.

Regards,
Wiktor Zychla
 
Thanks a lot, it really helped me.
We have decided to go with aspect oriented way.
Thanks Again

Wiktor Zychla said:
[Permission("Admin")]
public class ABC
{
------
-------
}

Now I want to check this attribute some where in security manager. How do
I notify new object creation of ABC to Security manager I dont want keep
security related code in ABC. So that the entites will be unaware of any
security checks. And I want it to be declearative. Also I dont want to
use Unmanaged code to put this check and also the framework does not use
code access security
Click to expand...

first of all you should check if such functionality is already
implemented. look at various attributes in System.Security,
System.Security.Permissions. most probably you will find an apropriate
classes in .net framework's library.

if you really have to implement your own security manager then one of
options would be building your own object hierarchy and implementing your
security manager in the constructor of a root class. any other classes
that inherit from the root will have this functionality "out-of-the-box".

using System;
using System.Reflection;

class MySec : Attribute
{
public string role;
public MySec( string role )
{
this.role = role;
}
}

// root of the hierarchy
class Root
{
// here you implement your own security manager
public Root()
{
Console.WriteLine( "security manager" );

Type t = this.GetType();
foreach ( object o in t.GetCustomAttributes(typeof(MySec), true ) )
{
MySec s = (MySec)o;
Console.WriteLine( s.role );
}

Console.WriteLine( "security manager ends" );
}
}

[MySec("Admin")]
class MyClass : Root
{
public MyClass()
{
Console.WriteLine( "subclass" );
}
}

class M
{
public static void Main()
{
MyClass c = new MyClass();
}
}

yet another option would be to adopt the Aspect Oriented Programming
paradigm. you can read more on how to use AOP under .NET.

Regards,
Wiktor Zychla
Click to expand...
 
Back
Top