2 // System.Security.SecurityContext class
5 // Sebastien Pouliot <sebastien@ximian.com>
7 // Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
9 // Permission is hereby granted, free of charge, to any person obtaining
10 // a copy of this software and associated documentation files (the
11 // "Software"), to deal in the Software without restriction, including
12 // without limitation the rights to use, copy, modify, merge, publish,
13 // distribute, sublicense, and/or sell copies of the Software, and to
14 // permit persons to whom the Software is furnished to do so, subject to
15 // the following conditions:
17 // The above copyright notice and this permission notice shall be
18 // included in all copies or substantial portions of the Software.
20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
29 using System.Runtime.InteropServices;
30 using System.Security.Permissions;
31 using System.Security.Principal;
32 using System.Threading;
34 namespace System.Security {
36 public sealed class SecurityContext
41 private bool _capture;
42 private IntPtr _winid;
45 private CompressedStack _stack;
47 private bool _suppressFlowWindowsIdentity;
48 private bool _suppressFlow;
50 internal SecurityContext ()
55 internal SecurityContext (SecurityContext sc)
60 if (sc._stack != null)
61 _stack = sc._stack.CreateCopy ();
65 public SecurityContext CreateCopy ()
68 throw new InvalidOperationException ();
70 return new SecurityContext (this);
75 static public SecurityContext Capture ()
78 SecurityContext sc = Thread.CurrentThread.ExecutionContext.SecurityContext;
79 if (sc.FlowSuppressed)
83 SecurityContext capture = new SecurityContext ();
84 capture._capture = true;
86 capture._winid = WindowsIdentity.GetCurrentToken ();
87 capture._stack = CompressedStack.Capture ();
93 public void Dispose ()
100 internal bool FlowSuppressed {
101 get { return _suppressFlow; }
102 set { _suppressFlow = value; }
105 internal bool WindowsIdentityFlowSuppressed {
106 get { return _suppressFlowWindowsIdentity; }
107 set { _suppressFlowWindowsIdentity = value; }
111 internal CompressedStack CompressedStack {
112 get { return _stack; }
113 set { _stack = value; }
117 internal IntPtr IdentityToken {
118 get { return _winid; }
119 set { _winid = value; }
122 // Suppressing the SecurityContext flow wasn't required before 2.0
124 static public bool IsFlowSuppressed ()
129 return Thread.CurrentThread.ExecutionContext.SecurityContext.FlowSuppressed;
133 static public bool IsWindowsIdentityFlowSuppressed ()
138 return Thread.CurrentThread.ExecutionContext.SecurityContext.WindowsIdentityFlowSuppressed;
142 static public void RestoreFlow ()
145 SecurityContext sc = Thread.CurrentThread.ExecutionContext.SecurityContext;
146 // if nothing is suppressed then throw
147 if (!sc.FlowSuppressed && !sc.WindowsIdentityFlowSuppressed)
148 throw new InvalidOperationException ();
150 sc.FlowSuppressed = false;
151 sc.WindowsIdentityFlowSuppressed = false;
155 // if you got the context then you can use it
156 [SecurityPermission (SecurityAction.Assert, ControlPrincipal = true)]
157 [SecurityPermission (SecurityAction.LinkDemand, Infrastructure = true)]
158 static public void Run (SecurityContext securityContext, ContextCallback callback, object state)
160 if (securityContext == null) {
161 throw new InvalidOperationException (Locale.GetText (
162 "Null SecurityContext"));
167 SecurityContext sc = Thread.CurrentThread.ExecutionContext.SecurityContext;
168 IPrincipal original = Thread.CurrentPrincipal;
170 if (sc.IdentityToken != IntPtr.Zero) {
171 Thread.CurrentPrincipal = new WindowsPrincipal (new WindowsIdentity (sc.IdentityToken));
174 // FIXME: is the security manager isn't active then we may not have
175 // a compressed stack (bug #78652)
176 if (securityContext.CompressedStack != null)
177 CompressedStack.Run (securityContext.CompressedStack, callback, state);
182 if ((original != null) && (sc.IdentityToken != IntPtr.Zero))
183 Thread.CurrentPrincipal = original;
188 [SecurityPermission (SecurityAction.LinkDemand, Infrastructure = true)]
189 static public AsyncFlowControl SuppressFlow ()
192 throw new NotSupportedException ();
194 Thread t = Thread.CurrentThread;
195 // suppress both flows
196 t.ExecutionContext.SecurityContext.FlowSuppressed = true;
197 t.ExecutionContext.SecurityContext.WindowsIdentityFlowSuppressed = true;
198 return new AsyncFlowControl (t, AsyncFlowControlType.Security);
202 static public AsyncFlowControl SuppressFlowWindowsIdentity ()
205 throw new NotSupportedException ();
207 Thread t = Thread.CurrentThread;
208 t.ExecutionContext.SecurityContext.WindowsIdentityFlowSuppressed = true;
209 return new AsyncFlowControl (t, AsyncFlowControlType.Security);