Re: Design Question

From: Nicole Calinoiu (calinoiu)
Date: 12/22/04

Next message: Brian Brown: "RE: Plugins for Firefox?"
Previous message: Alex K.: "deleting a row in bound datagrid"
In reply to: John Lee: "Design Question"
Next in thread: Nicholas Paldino [.NET/C# MVP]: "Re: Design Question"
Reply: Nicholas Paldino [.NET/C# MVP]: "Re: Design Question"
Messages sorted by: [ date ] [ thread ]

Date: Wed, 22 Dec 2004 15:37:40 -0500

Yes, but it's probably not as simple as you might have hoped. Here are the
three main approaches:

1. Implement the check as a custom permission with a corresponding
attribute
(http://msdn.microsoft.com/library/en-us/cpguide/html/cpconcreatingyourowncodeaccesspermissions.asp).
This may be your best bet since you can presumably control whether the
attribute assembly is registered as a trusted assembly.

2. Place the actual method work in objects that inherit from
System.ContextBoundObject. This might interfere with your planned object
hierarchy, as well as introducing an otherwise unnecessary performance hit.

3. Use a tool like XC# (http://www.resolvecorp.com/Products.aspx) to
generate inline code that corresponds to your custom attribute.

If this truly is a security permission, #1 is probably the "cleanest"
approach. Otherwise, #3 would probably offer the best compromise between
design-time convenience and runtime performance.

HTH,
Nicole

"John Lee" <johnl@newsgroup.nospam> wrote in message
news:ejm4%237F6EHA.2180@TK2MSFTNGP10.phx.gbl...
> Hi,
>
> If I want to check permission on each public method of a web service,
> (assume the checking routine is ready to use and called AccessCheck) , one
> way of doing it is to call this AccessCheck on top of each public method,
> I want to implement it in different way but seems missing something -
>
> I want to develop a custom attribute, let's say
> SecurityCheckEnabledAttribute with only Yes/No parameter, then create a
> base class for all web service classes, Is there any way to capture the
> public method call from base class at runtime and then check if the
> attribute is being applied and then check the permission?
>
> Thanks a lot!
>
> Regards,
> John
>

Next message: Brian Brown: "RE: Plugins for Firefox?"
Previous message: Alex K.: "deleting a row in bound datagrid"
In reply to: John Lee: "Design Question"
Next in thread: Nicholas Paldino [.NET/C# MVP]: "Re: Design Question"
Reply: Nicholas Paldino [.NET/C# MVP]: "Re: Design Question"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

Re: Roles and Permissions??
... use our custom permission. ... your other problem and actually get the custom permission to work ... > and PrincipalPermission were designed to do. ... > CodeAccessPermissionAttribute? ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: Custom Security Permission & Security Attribute troubles
... the permission and attribute in the "policy assemblies" list by using mscorcfg.msc ... > I'm trying to write a library that will allow me to add a custom ... > permission for my applications (let's call it ApplicationPermission ... > CodeAccessSecurityAttribute ...
(microsoft.public.dotnet.security)
Re: Manually set custom permissions based on User
... I need to define the code access policy per user role outside my source code ... > There is a permission you can demand called PrincipalPermission that can ... > also just call the IsInRole method on the custom IPrincipal to do the same ... the permission required to call the Calculator ...
(microsoft.public.dotnet.security)
Re: Problem with Event Log (long)
... I know that it can write to the custom event log but, unfortunately, this is ... ASP.NET process the right to read the Security account then everything ... doesn't have read permission for *all* of the event logs. ...
(microsoft.public.dotnet.framework.aspnet)
Design Question
... If I want to check permission on each public method of a web service, ... way of doing it is to call this AccessCheck on top of each public method, ...
(microsoft.public.dotnet.languages.csharp)