I seem to (once again) be missing something pretty basic.
I am running under Windows XP Professional Service Pack 1 with all Hotfixes
installed and Visual Studio .NET 2003 in Debug mode.
The following reports "You have the >Administrato r< role."
using System.Security .Principal ;
using System.Security .Permissions ;
[PrincipalPermis sionAttribute(S ecurityAction.D emand,Role="Adm inistrator")]
private void Exercise15_2_Lo ad( object sender, System.EventArg s e )
{
MessageBox.Show ( "You have the >" + WindowsBuiltInR ole.Administrat or + "<
role." );
}
If I uncomment the single statement a security exception is thrown ...
An unhandled exception of type 'System.Securit y.SecurityExcep tion' occurred
in mscorlib.dll
Additional information: Request for principal permission failed.
What am I missing?
--
-- Thom Little -- www.tlaNET.net -- Thom Little Associates, Ltd.
-- 9 5294
Try modifying your attribute to this.
[PrincipalPermis sionAttribute(S ecurityAction.D emand,Role="BUI LTIN\Administra
tor")]
--
Jared Parsons [MSFT] ja******@online .microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights.
OR if you wish to include a script sample in your post please add "Use of
included script samples are subject to the terms specified at
http://www.microsoft.c om/info/cpyright.htm"
"Thom Little" <th**@tlanet.ne t> wrote in message
news:et******** ******@TK2MSFTN GP11.phx.gbl... I seem to (once again) be missing something pretty basic.
I am running under Windows XP Professional Service Pack 1 with all
Hotfixes installed and Visual Studio .NET 2003 in Debug mode.
The following reports "You have the >Administrato r< role."
using System.Security .Principal ; using System.Security .Permissions ;
[PrincipalPermis sionAttribute(S ecurityAction.D emand,Role="Adm inistrator")] private void Exercise15_2_Lo ad( object sender, System.EventArg s e ) { MessageBox.Show ( "You have the >" + WindowsBuiltInR ole.Administrat or +
"< role." ); }
If I uncomment the single statement a security exception is thrown ...
An unhandled exception of type 'System.Securit y.SecurityExcep tion'
occurred in mscorlib.dll Additional information: Request for principal permission failed.
What am I missing?
-- -- Thom Little -- www.tlaNET.net -- Thom Little Associates, Ltd. --
Thanks but ...
[PrincipalPermis sionAttribute(S ecurityAction.D emand,Role="BUI LTIN\\Administr
ator")]
.... gives the same result that I documented before.
--
-- Thom Little -- www.tlaNET.net -- Thom Little Associates, Ltd.
--
"Jared Parsons [MSFT]" <ja******@onlin e.microsoft.com > wrote in message
news:ul******** ******@TK2MSFTN GP11.phx.gbl... Try modifying your attribute to this.
[PrincipalPermis sionAttribute(S ecurityAction.D emand,Role="BUI LTIN\Administra tor")] -- Jared Parsons [MSFT] ja******@online .microsoft.com
Hi Thom,
I have reviewed your post, I will spend some time on it. I will reply to
you ASAP.
Thanks for your understanding.
Best regards,
Jeffrey Tan
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.
Jeffrey:
I appreciate that.
Some background ... where it came from ...
I worked my way through every example in the Que publication: "MCAD/MCSD
Developing and Implementing Windows-based Applications with Visual C# .NET
and Visual Studio .NET". There is a rather large errata file available
online and I have documented 65 additional entries for that file. (Three of
them are killers.)
This issue happens to be from the very last example in that text and the
results I was getting made absolutely no sense to me. I assumed it might be
collisions from other parts of the Solution. I rebuilt it in a separate
solution. I assumed it might be the results of the stack walk. I compiled
it in debug and release mode and tried stand alone execution of each.
The results I am getting are baffling.
If there are any suggestions I would be happy to play with them.
--
-- Thom Little -- www.tlaNET.net -- Thom Little Associates, Ltd.
--
"""Jeffrey Tan[MSFT]""" <v-*****@online.mi crosoft.com> wrote in message
news:tx******** ******@cpmsftng xa06.phx.gbl... Hi Thom,
I have reviewed your post, I will spend some time on it. I will reply to you ASAP.
Thanks for your understanding.
Best regards, Jeffrey Tan Microsoft Online Partner Support Get Secure! - www.microsoft.com/security This posting is provided "as is" with no warranties and confers no rights.
Hi Thom
Sorry for letting you wait for so long time.
After doing some research, I found that you should specify to use
WindowsPrincipa l.
Do like this:
private void Form1_Load(obje ct sender, System.EventArg s e)
{
System.AppDomai n.CurrentDomain .SetPrincipalPo licy(PrincipalP olicy.WindowsPr i
ncipal);
}
Then your
[PrincipalPermis sionAttribute(S ecurityAction.D emand,Role="BUI LTIN\\Administr
ators")]
will work well.
Note: In the PrincipalPermis sionAttribute, you should Role as
"BUILTIN\\Admin istrators" not "BUILTIN\\Admin istrator"
Thank you for your patience and cooperation. If you have any questions or
concerns, please feel free to post it in the group. I am standing by to be
of assistance.
Best regards,
Jeffrey Tan
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.
Jeffrey:
Thank you very much.
For me the example turns out to be ...
[STAThread]
public static void Main( )
{
Application.Run ( new Exercise15_2( ) );
}
private void Exercise15_2_Lo ad(object sender, System.EventArg s e)
{
System.AppDomai n.CurrentDomain .SetPrincipalPo licy(PrincipalP olicy.WindowsPr i
ncipal);
local_message( );
}
[PrincipalPermis sionAttribute(S ecurityAction.D emand,Role="BUI LTIN\\Administr
ators")]
private void local_message( )
{
MessageBox.Show ( "You have the >" + WindowsBuiltInR ole.Administrat or + "<
role." );
}
.... and it works.
Unfortunately the text in question asserts that the [Principal ...]
statement can be placed in front of the class definition and in so doing
apply to everything in the class.
This is apparently the fourth major error in this text.
Thank you for the help.
(BTW - where did you find the answer?)
--
-- Thom Little -- www.tlaNET.net -- Thom Little Associates, Ltd.
--
Hi Thom,
Thanks very much for your feedback.
I am glad it works :-)
Actually, I found the answer in google :-), actually, google is a good
mentor for learning.
For your last 2 paragraph:
"Unfortunat ely the text in question asserts that the [Principal ...]
statement can be placed in front of the class definition and in so doing
apply to everything in the class.
This is apparently the fourth major error in this text."
I am not fully understand, do you still have any concern? Please feel free
to feedback. Thanks
Best regards,
Jeffrey Tan
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.
Jeffrey:
Sorry ... I was being less than clear.
I was referring to the book. I identified 66 new errors in the book and
four of them are killers. This one is IMHO one of the four.
Thanks again.
--
-- Thom Little -- www.tlaNET.net -- Thom Little Associates, Ltd.
--
"""Jeffrey Tan[MSFT]""" <v-*****@online.mi crosoft.com> wrote in message
news:Kx******** ******@cpmsftng xa06.phx.gbl... Hi Thom,
Thanks very much for your feedback.
I am glad it works :-)
Actually, I found the answer in google :-), actually, google is a good mentor for learning.
For your last 2 paragraph: "Unfortunat ely the text in question asserts that the [Principal ...] statement can be placed in front of the class definition and in so doing apply to everything in the class.
This is apparently the fourth major error in this text."
I am not fully understand, do you still have any concern? Please feel free to feedback. Thanks
Best regards, Jeffrey Tan Microsoft Online Partner Support Get Secure! - www.microsoft.com/security This posting is provided "as is" with no warranties and confers no rights.
Hi Thom,
You are welcome!
If you have any further concern, please feel free to post, I will help you.
Best regards,
Jeffrey Tan
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Noloader |
last post by:
Hello,
We are using Access Front End (ADP Project) and SQL Server 2000
backend. SQL Server is using NT Security.
We do not want the users to access the the underlying tables. So, we
went to each table and unchecked 'Select'. We also placed an 'X' in
all columns for guest and public account.
Next, we created a view. The view has 'Select' permission given to the
|
by: craig |
last post by:
I am working on my first .NET development project that involves custom
role-based security per the project requirements. This lead to a general
design issue this week that really caused us some concern. I have described
the situation below because we are very curious to see what other, more
experienced, developers might suggest. The specific classes and fields are
used just to illustrate the concepts.
Our application uses role-based...
|
by: Liet Kynes |
last post by:
I'm new to the .NET security framework, and I pose the following questions:
1) According to the documentation I've read .NET is promoting a role-based
security model centered around IPrincipal. What about granular user-based
security requirements? For example: I'm building a file repository app that
allows users to upload files to the application and share them with specific
users and groups/roles. Suppose we have three roles (officer,...
|
by: Mike Logan |
last post by:
Questions about Role Based Security in ASP.Net:
I have a few questions about role based security in an ASP.Net application.
Below are some points about our system:
- We have a hierarchical roles system stored in a database.
- We are also using Windows for authentication.
- Page - Role relationships are also held in a database.
- We have created a shared assembly for ease of use in applications.
|
by: Jason |
last post by:
Hi
I have a ASP.NET application where i would like to authenticate the
connecting users according to the Local Users and Groups on the web server.
I have the following code in the ASP.NET project.
private static void Demand(string groups)
{
WindowsIdentity processIdentity = WindowsIdentity.GetCurrent();
Console.WriteLine(processIdentity.Name);
| |
by: Dave Wurtz |
last post by:
All,
Does anyone have ideas how they have implemented field (property) level
security? I want to handle this from the business object level, not the
database level. Is it best to have a security checking method that gets
called in the property and throws an exception? If there are several
"fields" that are being accessed multiple times, does it hurt from a
performance perspective to have these exceptions thrown all of the time?
...
|
by: Ray Cassick \(Home\) |
last post by:
I am having a bit of a problem doing something that I was expecting to be
very straight forward. I am trying to declare a Role that needs to be
available before a specific class can be instantiated. My class code is set
up like this:
Imports System.Security
Imports System.Security.Permissions
Imports System.Security.Principal
<PrincipalPermission(SecurityAction.Demand, Role:="RUS\GEM_Admin")> _
|
by: Ray Cassick \(Home\) |
last post by:
I have some code that looks like this for one of my classes:
Imports System.Security
Imports System.Security.Permissions
Imports System.Security.Principal
<PrincipalPermission(SecurityAction.Demand, Role:="RUS\GEM_Admin")> _
Public Class GccAdmin
Public Sub New()
End Sub
|
by: VictorG |
last post by:
Hello,
I am trying to secure a webservice using WSE 3.0 and the turnkey
usernameForCertificateSecurity profile. I am passing a valid username
token, and on the server I have overridden the Authenticate token
call
and it is being called. My ASP.NET service has a Login() method and
it is being called during client application startup. Both the client
and service have matching policy config files. Once authentication
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |