By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
455,256 Members | 1,329 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 455,256 IT Pros & Developers. It's quick & easy.

Role bassed security question.

P: n/a
I am having a bit of a problem doing something that I was expecting to be
very straight forward. I am trying to declare a Role that needs to be
available before a specific class can be instantiated. My class code is set
up like this:

Imports System.Security
Imports System.Security.Permissions
Imports System.Security.Principal

<PrincipalPermission(SecurityAction.Demand, Role:="RUS\GEM_Admin")> _
Public Class GccAdmin
Public Sub New()
End Sub
End Class

I know that the current account I am logged on with is a member of the
GEM_Admin group because when I run this code:

AppDomain.CurrentDomain.SetPrincipalPolicy(Princip alPolicy.WindowsPrincipal)
Dim wp As WindowsPrincipal = System.Threading.Thread.CurrentPrincipal
Dim id As WindowsIdentity = wp.Identity
Dim idType As Type

idType = GetType(WindowsIdentity)
Dim result As Object = idType.InvokeMember("_GetRoles", _
BindingFlags.Static Or BindingFlags.InvokeMethod Or
BindingFlags.NonPublic, _
Nothing, id, New Object() {id.Token}, Nothing)

Dim roles() As String = DirectCast(result, String())

Dim i As Integer

For i = 0 To (roles.Length - 1)
If (Not roles(i) Is Nothing) Then
Debug.WriteLine(roles(i).ToString)

Else
Debug.WriteLine("---")

End If

Next

I see this listing:

RUS\Domain Users
Everyone
CASSICKR1\Debugger Users
BUILTIN\Administrators
BUILTIN\Users
NT AUTHORITY\INTERACTIVE
NT AUTHORITY\Authenticated Users
---
LOCAL
RUS\BackOffice Internet Users
RUS\GEM_Admin
RUS\Domain Admins
RUS\GEM_Users

Can someone give me a hint as to why, when I try to create an instance of
the class tagged for a Role of GEM_Admin I get a 'An unhandled exception of
type 'System.Security.SecurityException' occurred in mscorlib.dll' message
when I try to create aninstance of the class as so:

Dim GccAdmin As GCC.GccAdmin
GccAdmin = New GCC.GccAdmin

--
Raymond R Cassick
CEO / CSA
Enterprocity Inc.
www.enterprocity.com
3380 Sheridan Drive, #143
Amherst, NY 14227
V: 716-316-7537
Blog: http://spaces.msn.com/members/rcassick/
Nov 21 '05 #1
Share this Question
Share on Google+
1 Reply


P: n/a
Well I figured it out.. Before I make the call to the GccAdmin constructor I
have to make this call:

AppDomain.CurrentDomain.SetPrincipalPolicy(Princip alPolicy.WindowsPrincipal)

"Ray Cassick (Home)" <rc************@enterprocity.com> wrote in message
news:er*************@TK2MSFTNGP15.phx.gbl...
I am having a bit of a problem doing something that I was expecting to be
very straight forward. I am trying to declare a Role that needs to be
available before a specific class can be instantiated. My class code is set
up like this:

Imports System.Security
Imports System.Security.Permissions
Imports System.Security.Principal

<PrincipalPermission(SecurityAction.Demand, Role:="RUS\GEM_Admin")> _
Public Class GccAdmin
Public Sub New()
End Sub
End Class

I know that the current account I am logged on with is a member of the
GEM_Admin group because when I run this code:

AppDomain.CurrentDomain.SetPrincipalPolicy(Princip alPolicy.WindowsPrincipal)
Dim wp As WindowsPrincipal = System.Threading.Thread.CurrentPrincipal
Dim id As WindowsIdentity = wp.Identity
Dim idType As Type

idType = GetType(WindowsIdentity)
Dim result As Object = idType.InvokeMember("_GetRoles", _
BindingFlags.Static Or BindingFlags.InvokeMethod Or
BindingFlags.NonPublic, _
Nothing, id, New Object() {id.Token}, Nothing)

Dim roles() As String = DirectCast(result, String())

Dim i As Integer

For i = 0 To (roles.Length - 1)
If (Not roles(i) Is Nothing) Then
Debug.WriteLine(roles(i).ToString)

Else
Debug.WriteLine("---")

End If

Next

I see this listing:

RUS\Domain Users
Everyone
CASSICKR1\Debugger Users
BUILTIN\Administrators
BUILTIN\Users
NT AUTHORITY\INTERACTIVE
NT AUTHORITY\Authenticated Users
---
LOCAL
RUS\BackOffice Internet Users
RUS\GEM_Admin
RUS\Domain Admins
RUS\GEM_Users

Can someone give me a hint as to why, when I try to create an instance of
the class tagged for a Role of GEM_Admin I get a 'An unhandled exception
of type 'System.Security.SecurityException' occurred in mscorlib.dll'
message when I try to create aninstance of the class as so:

Dim GccAdmin As GCC.GccAdmin
GccAdmin = New GCC.GccAdmin

--
Raymond R Cassick
CEO / CSA
Enterprocity Inc.
www.enterprocity.com
3380 Sheridan Drive, #143
Amherst, NY 14227
V: 716-316-7537
Blog: http://spaces.msn.com/members/rcassick/

Nov 21 '05 #2

This discussion thread is closed

Replies have been disabled for this discussion.