Hi, can anybody please explain the following c# behaviour? I have written a small console application just to learn about CAS, but I can not seem to understand why the following lines of code work like they do: string[] myRoles = new string[] { "role1", "role2", "role3" }; GenericIdentity myIdentity = new GenericIdentity("myUsername", ...
I have a number of services that will be running under the security context of NT Authority\System as a Windows service (the services are NetTCP-based). There are six groups stored in Active Directory that will be allowed to access these services: Users Agents Approvers Administrators (three levels of admins) I know I can get the user ...
This is more of a curiosity than a request for help, but I noticed that when using PrincipalPermission and verifying a user is part of a specific group in Active Directory it will not use the true group name but instead validates against the pre-Windows 2000 group name instead. Ordinarily this wouldn't make a difference - unless someone ...
I am looking for some best practices on how to handle the following scenario - flowing permissions from WCF service layer through to UI: I have WCF services with methods that have been decorated with the PrincipalPermission attribute. I would like a means to allow a client to check if they have the required permissions before invoking t...
Hi, I've implemented a catch all security exceptions method in my global.asax like this... protected void Application_Error(object sender, EventArgs e) { Exception err = Server.GetLastError(); if (err is System.Security.SecurityException) Response.Redirect("~/Error/Roles.aspx); } Is there a property I can access that shows...
We have a WCF service using TCP binding, hosted in a Windows service. The WCF service is called by an ASP.NET web application. When the WCF service is called, I would like to check whether the calling identity is a member of a particular local group. A few ways to do this are: [PrincipalPermission(SecurityAction.Demand, Authenticated =...
I've been using PrincipalPermission for a while in wcf services. [PrincipalPermission(SecurityAction.Demand, Role = SecurityRoles.CanManageUsers)] although now i have a requirement to simplify roles by business unit. - currently aspnet_roles has fine grained can* permissions. Here is my approach and wanted to see if anyone can provide ...
I have a class attributed with [PrincipalPermission(SecurityAction.Demand, Authenticated = true)] public class MyProtectedClass { } This works as expected and callers are denied access when the current principal is not authenticated. In one specific scenario, I want this logic short-circuited...that is, the caller should not need to...
I worte a method with PrincipalPermissionAttrubute then i run this method but i get an exception - security exception. It happen cause i dont know who is the principal that running. I try to get the current principal by Thread.GetCurrntPrincipal() but i have a casting problem. My question is how i know the principal who running and...