By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
429,053 Members | 1,615 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 429,053 IT Pros & Developers. It's quick & easy.

CAS and multiple permissions

P: n/a
Hi group,

I'm trying to use CAS in my project these days. And I find a problem, for
example:

[PrincipalPermission(SecurityAction.Demand,Role="Xx x")]
static void Exec()
{}

Then the caller of this method should be a member of role "Xxx". If I define
the method like this:

[PrincipalPermission(SecurityAction.Demand,Role="Xx x")]
[PrincipalPermission(SecurityAction.Demand,Role="Yy y")]
static void Exec()
{}

Then the caller should be a member of role "Xxx", or "Yyy". My question is,
how to define the PrincipalPermissionAttribute, and it needs both "Xxx" role
and "Yyy" role.

I've tried to define like this:
[PrincipalPermission(SecurityAction.Demand,Role="Xx x,Yyy")]

but failed.
Is it possible in CAS?

Thanks,
Sunmast
Nov 17 '05 #1
Share this Question
Share on Google+
4 Replies


P: n/a

Xia Wei wrote:
[PrincipalPermission(SecurityAction.Demand,Role="Xx x")]
[PrincipalPermission(SecurityAction.Demand,Role="Yy y")]
static void Exec()
{}

Then the caller should be a member of role "Xxx", or "Yyy". My question is, how to define the PrincipalPermissionAttribute, and it needs both "Xxx" role and "Yyy" role.


Are you sure? The above code looks like it should require the user to
have both roles.

Nov 17 '05 #2

P: n/a
The PrincipalPermissionAttribute has no mechanism for specifying membership
in one of several roles. This can, however, be done using an imperative
demand as shown in the example at
http://msdn.microsoft.com/library/en...ClassTopic.asp.

If you want to use declarative security to specify the principal permission,
you could use a PermissionSetAttribute with an XML representation of your
unioned PrincipalPermission. e.g. (watch out for wrapping):

[PermissionSet(SecurityAction.Demand, XML = "<PermissionSet><Permission
class=\"System.Security.Permissions.PrincipalPermi ssion, mscorlib,
Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"
version=\"1\"><Identity Authenticated=\"true\" Role=\"Xxx\"/><Identity
Authenticated=\"true\" Role=\"Yyy\"/></Permission></PermissionSet>")]
static void Exec()
{}

HTH,
Nicole

"Xia Wei" <ip*****@gmail.com> wrote in message
news:d2***********@mail.cn99.com...
Hi group,

I'm trying to use CAS in my project these days. And I find a problem, for
example:

[PrincipalPermission(SecurityAction.Demand,Role="Xx x")]
static void Exec()
{}

Then the caller of this method should be a member of role "Xxx". If I
define
the method like this:

[PrincipalPermission(SecurityAction.Demand,Role="Xx x")]
[PrincipalPermission(SecurityAction.Demand,Role="Yy y")]
static void Exec()
{}

Then the caller should be a member of role "Xxx", or "Yyy". My question
is,
how to define the PrincipalPermissionAttribute, and it needs both "Xxx"
role
and "Yyy" role.

I've tried to define like this:
[PrincipalPermission(SecurityAction.Demand,Role="Xx x,Yyy")]

but failed.
Is it possible in CAS?

Thanks,
Sunmast

Nov 17 '05 #3

P: n/a
Hi, thanks for your advice!

But it seems a bit complicated...
Now I think the FCL's developers didn't had a think about this requirement?
Or they didn't recommand to do this...

Thanks,
Sunmast

"Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl...
The PrincipalPermissionAttribute has no mechanism for specifying
membership in one of several roles. This can, however, be done using an
imperative demand as shown in the example at
http://msdn.microsoft.com/library/en...ClassTopic.asp.

If you want to use declarative security to specify the principal
permission, you could use a PermissionSetAttribute with an XML
representation of your unioned PrincipalPermission. e.g. (watch out for
wrapping):

[PermissionSet(SecurityAction.Demand, XML = "<PermissionSet><Permission
class=\"System.Security.Permissions.PrincipalPermi ssion, mscorlib,
Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"
version=\"1\"><Identity Authenticated=\"true\" Role=\"Xxx\"/><Identity
Authenticated=\"true\" Role=\"Yyy\"/></Permission></PermissionSet>")]
static void Exec()
{}

HTH,
Nicole


Nov 17 '05 #4

P: n/a
"Xia Wei" <ip*****@gmail.com> wrote in message
news:d2***********@mail.cn99.com...
Hi, thanks for your advice!

But it seems a bit complicated...
Now I think the FCL's developers didn't had a think about this
requirement?
It is a very common requirement, and I have no idea why the designers chose
not to support it directly via PrincipalPermissionAttribute. You could, if
you wish, author your own attribute that does support multiple roles.
However, custom permissions attributes are ignored completely unless their
assemblies are properly registered on the machine on which the code is
executing, so this may not be a useful approach in your case.

Or they didn't recommand to do this...
No idea. If the scenario is seen as common enough to merit coverage in the
code example for PrincipalPermission, it seems reasonable to expect
documentation of a declarative approach. If you feel strongly about it, you
may wish to submit a suggestion at
http://lab.msdn.microsoft.com/produc...k/default.aspx for version 2.0
of the .NET Framework.


Thanks,
Sunmast

"Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl...
The PrincipalPermissionAttribute has no mechanism for specifying
membership in one of several roles. This can, however, be done using an
imperative demand as shown in the example at
http://msdn.microsoft.com/library/en...ClassTopic.asp.

If you want to use declarative security to specify the principal
permission, you could use a PermissionSetAttribute with an XML
representation of your unioned PrincipalPermission. e.g. (watch out for
wrapping):

[PermissionSet(SecurityAction.Demand, XML = "<PermissionSet><Permission
class=\"System.Security.Permissions.PrincipalPermi ssion, mscorlib,
Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"
version=\"1\"><Identity Authenticated=\"true\" Role=\"Xxx\"/><Identity
Authenticated=\"true\" Role=\"Yyy\"/></Permission></PermissionSet>")]
static void Exec()
{}

HTH,
Nicole

Nov 17 '05 #5

This discussion thread is closed

Replies have been disabled for this discussion.