Hi, In this code, I'd like the ReadFileSystem method to be forbidden to Assert a permission on the filesystem. I expected this will throw at fileIo.Assert(), but it doesn't. Why? using System.Security.Permissions; static void Main(string[] args) { var fileIo = new FileIOPermission(PermissionState.Unrestricted); var secuPerm = ...
I'm looking for a function that presents a high level D interface to an atomic CAS on Intel x86. I know I can do it with inline ASM (and if needed I will), but I'd rather just grab code from someone else if I can. ...
I'm doing some WinForms development, running XP and VS 2005 (ancient, I know). I'd like to make sure my application can run without admin rights, but I'm too lazy to try to run VS as a non-admin, and I don't want to log in and out to test my app. Is there a way I can just debug as a non-admin? Is there a set of code access securit...
I have code running in an ascx within PageLayout within SharePoint 2007 that accesses files on a remote server i.e. File.Create("\servername\sharename\folder\file.txt"). The code runs within a SharePoint web application that has CAS trust set to Full in the web.config. The File.Create throws the following exception:- System.Unauthoriz...
Hi, I'm deploying my web parts using the sharepoint solution mechanism. Untul now, everything worked fine, but when i added CAS policies to the manifest.xml file, the deployment doesn't work as it should. When deploying the solution with the CAS policies, there are no errors, but the policy file isn't created, the dll isn't copied, an...
I'm currently reading for the mcts exam and struggle a little with the chapters on security. How common is it to use the CAS-features? For what kind of application is it used? I can't say that I have missed the opportunities this system provides when developing native applications. Is this kind of security more important for managed app...
In the past I used to configure .NET code groups with the Mscorcfg.msc utility. I could launch it in Configuration Panel/Administration Tools/.NET configuration Tools (or something like that). But now, it doesn't appear anymore, I have tried to search in the %WINDIR% directory, but Mscorcfg.msc has really disappeared. Now, how can I co...
Hello All, I'm building a couple of ucercontrols. These usercontrols will be hosted within the return of the smartpart. The problem i'm facing is that my assembly that goes with them, is not properly provided with sufficient rights. To achive this you've (basically) got three options; 1. set the site to full trust level (do not want t...
Hi, If I provide Evidence to the .net framework on which code group my assembly belongs to, couldn't I provide false evidence stating that I belong in the Trusted Zone code group? I know what security policies are, permission sets but I don't understand how the framework checks the Evidence and then based on that evidence, determines t...
As stated here, the way evidence is loaded will change in .NET 4.0. How will this impact systems like SharePoint where you can specify exactly which permission will be granted for a dll in the wsp-package? Isn’t SharePoint using AppDomain.ExecuteAssembly(Name,Evidence) internally to make this possible, or am I missing something? ...
see also Is “Code Access Security” of any real world use? I want to get some other opinions on this... I like the idea of Code Access Security for desktop applications. But in the lifetime of .NET I have to admit I've never actually had a situation where CAS has actually blocked something to my benefit. I have, however, had many...
Hey Folks, I'm trying to utilize CAS to perform SSO on the same domain name. however i can't really understand CAS. does CAS provides user management or i have to implement it myself ? can i integrate ASP.NET membership provider into CAS as the athentication provider ? Thanks ! ...
I work for a department of a university that uses CAS to provide single-sign-on authentication, and am writing a CakePHP application that needs to use this CAS service. I need to write code that: Checks with the CAS server to see if the user is logged in Pulls some credentials from the server if so Checks the credentials against an int...
Hi All, I'm using a portalsitemapprovider object to create my navigation server control. I've assigned sharepoint object model access and impersonation rights in the controls CAS. However despite this I can't retrieve the child nodes of the root node of the sitemap, they just return an error. If I change the web app to run under full...
I've set up CAS for single sign on with my Spring+JSP webapp, but now I've found out that single sign out isn't actually logging me out of the applications. I've confirmed that if I go to the CAS logout page, I do receive a SAMLP logout request from CAS. When I go back to a secured page in the app, however, I get in without logging back ...
So; on a 64 bit SPARC CPU which is v9 compliant, there exists I know a cas instruction. This operates on single word length values. I've also seen on the web reference to a casx instruction - but I can't find out anything much more about it. I'm wondering - is this a double word compare and swap? And if not, the general question is; ...
Is there a library already created to talk with an CAS server via objective-c? I know there are many supported clients but have yet to find anything I can use on the iPhone. ...
I'm running the labs in MCTS 70-536 Training Kit chapter 11 about Code Access Security. I'm running XP Pro. The first lab creates an assembly which checks for different permissions and reports a message if they exist. However when I run it as \\\127.0.0.1\c$\ListPermissions.exe it is supposed to recognize being in the intranet zone and u...
I am required to implement SSO between Liferay and a number of PHP-based systems. Database used is MySQL. CAS will authenticate through Liferay user database, as well as through user database from System A and System B. The reason why each system use different user database is because they were developed by different teams, perhaps diff...
I've got a vague handle on how Code Access Security works in Sharepoint. I have developed a custom webpart and setup a CAS policy in my Manifest <CodeAccessSecurity> <PolicyItem> <PermissionSet class="NamedPermissionSet" version="1" Description="Permission set for Okana"> <IPermission class="Microsoft.SharePoint.Security.SharePo...