2 // System.Security.SecurityContext class
5 // Sebastien Pouliot <sebastien@ximian.com>
7 // Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
9 // Permission is hereby granted, free of charge, to any person obtaining
10 // a copy of this software and associated documentation files (the
11 // "Software"), to deal in the Software without restriction, including
12 // without limitation the rights to use, copy, modify, merge, publish,
13 // distribute, sublicense, and/or sell copies of the Software, and to
14 // permit persons to whom the Software is furnished to do so, subject to
15 // the following conditions:
17 // The above copyright notice and this permission notice shall be
18 // included in all copies or substantial portions of the Software.
20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
29 using System.Runtime.InteropServices;
30 using System.Security.Permissions;
31 using System.Security.Principal;
32 using System.Threading;
34 namespace System.Security {
36 public sealed class SecurityContext
39 private bool _capture;
40 private IntPtr _winid;
43 private CompressedStack _stack;
45 private bool _suppressFlowWindowsIdentity;
46 private bool _suppressFlow;
48 internal SecurityContext ()
53 internal SecurityContext (SecurityContext sc)
58 if (sc._stack != null)
59 _stack = sc._stack.CreateCopy ();
63 public SecurityContext CreateCopy ()
66 throw new InvalidOperationException ();
68 return new SecurityContext (this);
73 static public SecurityContext Capture ()
76 SecurityContext sc = Thread.CurrentThread.ExecutionContext.SecurityContext;
77 if (sc.FlowSuppressed)
81 SecurityContext capture = new SecurityContext ();
82 capture._capture = true;
84 capture._winid = WindowsIdentity.GetCurrentToken ();
85 capture._stack = CompressedStack.Capture ();
90 public void Dispose ()
96 internal bool FlowSuppressed {
97 get { return _suppressFlow; }
98 set { _suppressFlow = value; }
101 internal bool WindowsIdentityFlowSuppressed {
102 get { return _suppressFlowWindowsIdentity; }
103 set { _suppressFlowWindowsIdentity = value; }
107 internal CompressedStack CompressedStack {
108 get { return _stack; }
109 set { _stack = value; }
113 internal IntPtr IdentityToken {
114 get { return _winid; }
115 set { _winid = value; }
118 // Suppressing the SecurityContext flow wasn't required before 2.0
120 static public bool IsFlowSuppressed ()
125 return Thread.CurrentThread.ExecutionContext.SecurityContext.FlowSuppressed;
129 static public bool IsWindowsIdentityFlowSuppressed ()
134 return Thread.CurrentThread.ExecutionContext.SecurityContext.WindowsIdentityFlowSuppressed;
138 static public void RestoreFlow ()
141 SecurityContext sc = Thread.CurrentThread.ExecutionContext.SecurityContext;
142 // if nothing is suppressed then throw
143 if (!sc.FlowSuppressed && !sc.WindowsIdentityFlowSuppressed)
144 throw new InvalidOperationException ();
146 sc.FlowSuppressed = false;
147 sc.WindowsIdentityFlowSuppressed = false;
151 // if you got the context then you can use it
152 [SecurityPermission (SecurityAction.Assert, ControlPrincipal = true)]
153 [SecurityPermission (SecurityAction.LinkDemand, Infrastructure = true)]
154 static public void Run (SecurityContext securityContext, ContextCallback callback, object state)
156 if (securityContext == null) {
157 throw new InvalidOperationException (Locale.GetText (
158 "Null SecurityContext"));
163 SecurityContext sc = Thread.CurrentThread.ExecutionContext.SecurityContext;
164 IPrincipal original = Thread.CurrentPrincipal;
166 if (sc.IdentityToken != IntPtr.Zero) {
167 Thread.CurrentPrincipal = new WindowsPrincipal (new WindowsIdentity (sc.IdentityToken));
170 // FIXME: is the security manager isn't active then we may not have
171 // a compressed stack (bug #78652)
172 if (securityContext.CompressedStack != null)
173 CompressedStack.Run (securityContext.CompressedStack, callback, state);
178 if ((original != null) && (sc.IdentityToken != IntPtr.Zero))
179 Thread.CurrentPrincipal = original;
184 [SecurityPermission (SecurityAction.LinkDemand, Infrastructure = true)]
185 static public AsyncFlowControl SuppressFlow ()
188 throw new NotSupportedException ();
190 Thread t = Thread.CurrentThread;
191 // suppress both flows
192 t.ExecutionContext.SecurityContext.FlowSuppressed = true;
193 t.ExecutionContext.SecurityContext.WindowsIdentityFlowSuppressed = true;
194 return new AsyncFlowControl (t, AsyncFlowControlType.Security);
198 static public AsyncFlowControl SuppressFlowWindowsIdentity ()
201 throw new NotSupportedException ();
203 Thread t = Thread.CurrentThread;
204 t.ExecutionContext.SecurityContext.WindowsIdentityFlowSuppressed = true;
205 return new AsyncFlowControl (t, AsyncFlowControlType.Security);