469,282 Members | 2,034 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,282 developers. It's quick & easy.

MsTest and PrincipalPermissionAttribute Failure

I am reposting this for a colleague because he has had some problems setting
up his subscriber Nospam alias:

I am having problems unit testing a method which is decorated with the
[PrincipalPermission] attribute.
I always get a security exception. I have set the Thread.CurrentPrincipal
to my custom IPrincipal.IsInRole method never gets called

I have even tried
AppDomain.CurrentDomain.SetThreadPrincipal(myIPrin cipal)...with no luck.

Here is a basic example

[PrincipalPermission(SecurityAction.Demand, Role="MyRole")]
public void DoWork()
{
}
[TestMethod]
public void TestDoWork()
{
GenericPrincipal principal = new GenericPrincipal(
Thread.CurrentPrincipal.Identity, new string[] { "MyRole" });
Thread.CurrentPrincipal = principal;
DoWork();
Assert(....)
}
Environment: (all current with MicrosoftUpdate SPs and patches)
* VS2005 Team Suite
* .NET 2.0 and 3.0 redist and SDK
* Team Foundation Server

Feb 15 '07 #1
4 3524
Hello BJ,

From your description, you're meeting some problem to get the
"PrincipalPermission" demand to work in your vs 2005/.net 2.0 program,
correct?

I've performed some local tests through winform application, it seems that
the "PrincipalPermissionAttribute" can work correctly for custom
principal/identity or windows principal/identity associated with the
current thread. Also, according to the MSDN document, it indicate that we
should set AppDomain's PrincipalPolicy to "WindowsPrincipal" at
application's initializing time

#PrincipalPermissionAttribute Class
http://msdn2.microsoft.com/en-us/lib...ssions.princip
alpermissionattribute.aspx

My test code is as below, you can also have a test to see whether it works
for you:

=======================
private void btnSetPrincipal_Click(object sender, EventArgs e)
{
GenericIdentity identity = new
GenericIdentity("testuser", "customauth");

GenericPrincipal gp = new GenericPrincipal(identity, new
string[] { "role1", "role2" });

Thread.CurrentPrincipal = gp;

}

[PrincipalPermission( SecurityAction.Demand, Role="role1")]
private void btnDemand_Click(object sender, EventArgs e)
{
MessageBox.Show("success demand!");
}

private void Form1_Load(object sender, EventArgs e)
{

AppDomain.CurrentDomain.SetPrincipalPolicy(Princip alPolicy.WindowsPrincipal)
;
}
=========================
In addition, you can try programmatically construct a PrincipalPermission
class instance and call its "Demand" method to see whether it works. Also,
make sure your principal-demand method hasn't been called on a different
thread context(you can printout the thread's principal/identity context to
verify this).

If you have any further finding, please feel free to post here.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead

==================================================

Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscripti...ult.aspx#notif
ications.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscripti...t/default.aspx.

==================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

Feb 16 '07 #2
Steven,

This is BJ's colleague who he is helping. There is no doubt that
[PrincipalPermission] works in the context you mention, but it is not working
in the context of a MSTest Unit Test. Please read thoroughly the description
of the problem. Refactor your code sample so that you can call
"btnDemand_Click" from a unit test and you will see the issue.

-Casey

"Steven Cheng[MSFT]" wrote:
Hello BJ,

From your description, you're meeting some problem to get the
"PrincipalPermission" demand to work in your vs 2005/.net 2.0 program,
correct?

I've performed some local tests through winform application, it seems that
the "PrincipalPermissionAttribute" can work correctly for custom
principal/identity or windows principal/identity associated with the
current thread. Also, according to the MSDN document, it indicate that we
should set AppDomain's PrincipalPolicy to "WindowsPrincipal" at
application's initializing time

#PrincipalPermissionAttribute Class
http://msdn2.microsoft.com/en-us/lib...ssions.princip
alpermissionattribute.aspx

My test code is as below, you can also have a test to see whether it works
for you:

=======================
private void btnSetPrincipal_Click(object sender, EventArgs e)
{
GenericIdentity identity = new
GenericIdentity("testuser", "customauth");

GenericPrincipal gp = new GenericPrincipal(identity, new
string[] { "role1", "role2" });

Thread.CurrentPrincipal = gp;

}

[PrincipalPermission( SecurityAction.Demand, Role="role1")]
private void btnDemand_Click(object sender, EventArgs e)
{
MessageBox.Show("success demand!");
}

private void Form1_Load(object sender, EventArgs e)
{

AppDomain.CurrentDomain.SetPrincipalPolicy(Princip alPolicy.WindowsPrincipal)
;
}
=========================
In addition, you can try programmatically construct a PrincipalPermission
class instance and call its "Demand" method to see whether it works. Also,
make sure your principal-demand method hasn't been called on a different
thread context(you can printout the thread's principal/identity context to
verify this).

If you have any further finding, please feel free to post here.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead

==================================================

Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscripti...ult.aspx#notif
ications.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscripti...t/default.aspx.

==================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

Feb 16 '07 #3
Thanks for the reply, Steven.

It appears that setting the App domain's PrincipalPolicy is the key issue.
Based on your response, we found that we have to set the PrincipalPolicy as a
part of the initialization of each test for it to work in the testing
environment.

Thanks again for the prompt reply.

--BJ Safdie

"Steven Cheng[MSFT]" wrote:
Hello BJ,

From your description, you're meeting some problem to get the
"PrincipalPermission" demand to work in your vs 2005/.net 2.0 program,
correct?

I've performed some local tests through winform application, it seems that
the "PrincipalPermissionAttribute" can work correctly for custom
principal/identity or windows principal/identity associated with the
current thread. Also, according to the MSDN document, it indicate that we
should set AppDomain's PrincipalPolicy to "WindowsPrincipal" at
application's initializing time

#PrincipalPermissionAttribute Class
http://msdn2.microsoft.com/en-us/lib...ssions.princip
alpermissionattribute.aspx

My test code is as below, you can also have a test to see whether it works
for you:

=======================
private void btnSetPrincipal_Click(object sender, EventArgs e)
{
GenericIdentity identity = new
GenericIdentity("testuser", "customauth");

GenericPrincipal gp = new GenericPrincipal(identity, new
string[] { "role1", "role2" });

Thread.CurrentPrincipal = gp;

}

[PrincipalPermission( SecurityAction.Demand, Role="role1")]
private void btnDemand_Click(object sender, EventArgs e)
{
MessageBox.Show("success demand!");
}

private void Form1_Load(object sender, EventArgs e)
{

AppDomain.CurrentDomain.SetPrincipalPolicy(Princip alPolicy.WindowsPrincipal)
;
}
=========================
In addition, you can try programmatically construct a PrincipalPermission
class instance and call its "Demand" method to see whether it works. Also,
make sure your principal-demand method hasn't been called on a different
thread context(you can printout the thread's principal/identity context to
verify this).

If you have any further finding, please feel free to post here.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead

==================================================

Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscripti...ult.aspx#notif
ications.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscripti...t/default.aspx.

==================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

Feb 16 '07 #4
Thanks for your reply BJ,

I just came back and see your followup. I also found your colleague Casey's
reply indicate that the problem may also be specfiic to the [TestMethod]
(test project) scenario, have you also got it working for that case also?
As Casey mentioned, I did only peform the test code in a normal console and
winform application and haven't do the exact test in the test project. So
if you still have the problem in that case, please feel free to let me
know, I'll help you continue work on it.

Anyway, glad that my suggestion has helped you.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead
This posting is provided "AS IS" with no warranties, and confers no rights.

Feb 19 '07 #5

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

10 posts views Thread by x2164 | last post: by
3 posts views Thread by Damaji Jambhale | last post: by
2 posts views Thread by JustaCowboy | last post: by
4 posts views Thread by J. Marshall Latham | last post: by
5 posts views Thread by Ron Louzon | last post: by
reply views Thread by Marty Cruise | last post: by
66 posts views Thread by Johan Tibell | last post: by
1 post views Thread by CARIGAR | last post: by
reply views Thread by zhoujie | last post: by
reply views Thread by suresh191 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.