2 // System.Security.SecurityContext class
5 // Sebastien Pouliot <sebastien@ximian.com>
7 // Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
9 // Permission is hereby granted, free of charge, to any person obtaining
10 // a copy of this software and associated documentation files (the
11 // "Software"), to deal in the Software without restriction, including
12 // without limitation the rights to use, copy, modify, merge, publish,
13 // distribute, sublicense, and/or sell copies of the Software, and to
14 // permit persons to whom the Software is furnished to do so, subject to
15 // the following conditions:
17 // The above copyright notice and this permission notice shall be
18 // included in all copies or substantial portions of the Software.
20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
29 using System
.Runtime
.InteropServices
;
30 using System
.Security
.Permissions
;
31 using System
.Security
.Principal
;
32 using System
.Threading
;
34 namespace System
.Security
{
36 public sealed class SecurityContext
{
37 private bool _capture
;
38 private IntPtr _winid
;
39 private CompressedStack _stack
;
40 private bool _suppressFlowWindowsIdentity
;
41 private bool _suppressFlow
;
43 internal SecurityContext ()
48 internal SecurityContext (SecurityContext sc
)
52 if (sc
._stack
!= null)
53 _stack
= sc
._stack
.CreateCopy ();
56 public SecurityContext
CreateCopy ()
59 throw new InvalidOperationException ();
61 return new SecurityContext (this);
66 static public SecurityContext
Capture ()
68 SecurityContext sc
= Thread
.CurrentThread
.ExecutionContext
.SecurityContext
;
69 if (sc
.FlowSuppressed
)
72 SecurityContext capture
= new SecurityContext ();
73 capture
._capture
= true;
74 capture
._winid
= WindowsIdentity
.GetCurrentToken ();
75 capture
._stack
= CompressedStack
.Capture ();
81 internal bool FlowSuppressed
{
82 get { return _suppressFlow; }
83 set { _suppressFlow = value; }
86 internal bool WindowsIdentityFlowSuppressed
{
87 get { return _suppressFlowWindowsIdentity; }
88 set { _suppressFlowWindowsIdentity = value; }
91 internal CompressedStack CompressedStack
{
92 get { return _stack; }
93 set { _stack = value; }
96 internal IntPtr IdentityToken
{
97 get { return _winid; }
98 set { _winid = value; }
101 // Suppressing the SecurityContext flow wasn't required before 2.0
103 static public bool IsFlowSuppressed ()
105 return Thread
.CurrentThread
.ExecutionContext
.SecurityContext
.FlowSuppressed
;
108 static public bool IsWindowsIdentityFlowSuppressed ()
110 return Thread
.CurrentThread
.ExecutionContext
.SecurityContext
.WindowsIdentityFlowSuppressed
;
113 static public void RestoreFlow ()
115 SecurityContext sc
= Thread
.CurrentThread
.ExecutionContext
.SecurityContext
;
116 // if nothing is suppressed then throw
117 if (!sc
.FlowSuppressed
&& !sc
.WindowsIdentityFlowSuppressed
)
118 throw new InvalidOperationException ();
120 sc
.FlowSuppressed
= false;
121 sc
.WindowsIdentityFlowSuppressed
= false;
124 // if you got the context then you can use it
125 [SecurityPermission (SecurityAction
.Assert
, ControlPrincipal
= true)]
126 [SecurityPermission (SecurityAction
.LinkDemand
, Infrastructure
= true)]
127 static public void Run (SecurityContext securityContext
, ContextCallback callback
, object state
)
129 if (securityContext
== null) {
130 throw new InvalidOperationException (Locale
.GetText (
131 "Null SecurityContext"));
134 SecurityContext sc
= Thread
.CurrentThread
.ExecutionContext
.SecurityContext
;
135 IPrincipal original
= Thread
.CurrentPrincipal
;
137 if (sc
.IdentityToken
!= IntPtr
.Zero
) {
138 Thread
.CurrentPrincipal
= new WindowsPrincipal (new WindowsIdentity (sc
.IdentityToken
));
141 // FIXME: is the security manager isn't active then we may not have
142 // a compressed stack (bug #78652)
143 if (securityContext
.CompressedStack
!= null)
144 CompressedStack
.Run (securityContext
.CompressedStack
, callback
, state
);
149 if ((original
!= null) && (sc
.IdentityToken
!= IntPtr
.Zero
))
150 Thread
.CurrentPrincipal
= original
;
154 [SecurityPermission (SecurityAction
.LinkDemand
, Infrastructure
= true)]
155 static public AsyncFlowControl
SuppressFlow ()
157 Thread t
= Thread
.CurrentThread
;
158 // suppress both flows
159 t
.ExecutionContext
.SecurityContext
.FlowSuppressed
= true;
160 t
.ExecutionContext
.SecurityContext
.WindowsIdentityFlowSuppressed
= true;
161 return new AsyncFlowControl (t
, AsyncFlowControlType
.Security
);
164 static public AsyncFlowControl
SuppressFlowWindowsIdentity ()
166 Thread t
= Thread
.CurrentThread
;
167 t
.ExecutionContext
.SecurityContext
.WindowsIdentityFlowSuppressed
= true;
168 return new AsyncFlowControl (t
, AsyncFlowControlType
.Security
);