Hi
We have windows application and have created our own custom principle &
identity objects that implement IPrinciple and IIdentity. When a user logs
into our system we set the threads principle to our custom principle object
by calling Thread.CurrentP rinciple = blah. This all works great for role
based security. BUT lets say i want to run one line of code which causes an
imperative security demand:
Dns.GetHostName ();
CAS will now throw security exceptions when we try to run code that demands
permissions. I thought the following code might be a work around
IPrincipal currentPrincipl e = Thread.CurrentP rincipal;
try
{
Thread.CurrentP rincipal = new
WindowsPrincipa l(WindowsIdenti ty.GetCurrent() );
Dns.GetHostName ();
}
finally
{
Thread.CurrentP rincipal = currentPrincipl e;
}
But alas the DnsPermission.D emand() still throws a security exception. I
think the following article and quote might explain why
http://support.microsoft.com/default...b;en-us;318169
"Imperative security uses code that is executed at run time to enforce
security. At run time, when a Demand method is called from an Identity
Permission class, the call stack is evaluated to verify the code. If there
is a point in the call stack where assemblies that were previously called do
not have the same identity as the code, exceptions are thrown."
So, I wish to use alot of classes that have security demands in them but if
i use my own principle objects i can no longer use them. It seems to be a
wee bit of a conundrum. Anyone have any thoughts besides
tia
andrew