2 // System.Security.SecurityContext class
5 // Sebastien Pouliot <sebastien@ximian.com>
7 // Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
9 // Permission is hereby granted, free of charge, to any person obtaining
10 // a copy of this software and associated documentation files (the
11 // "Software"), to deal in the Software without restriction, including
12 // without limitation the rights to use, copy, modify, merge, publish,
13 // distribute, sublicense, and/or sell copies of the Software, and to
14 // permit persons to whom the Software is furnished to do so, subject to
15 // the following conditions:
17 // The above copyright notice and this permission notice shall be
18 // included in all copies or substantial portions of the Software.
20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
29 using System.Runtime.InteropServices;
30 using System.Security.Permissions;
31 using System.Security.Principal;
32 using System.Threading;
34 namespace System.Security {
36 public sealed class SecurityContext
41 private bool _capture;
42 private IntPtr _winid;
43 private CompressedStack _stack;
44 private bool _suppressFlowWindowsIdentity;
45 private bool _suppressFlow;
47 internal SecurityContext ()
52 internal SecurityContext (SecurityContext sc)
57 if (sc._stack != null)
58 _stack = sc._stack.CreateCopy ();
62 public SecurityContext CreateCopy ()
65 throw new InvalidOperationException ();
67 return new SecurityContext (this);
72 static public SecurityContext Capture ()
74 SecurityContext sc = Thread.CurrentThread.ExecutionContext.SecurityContext;
75 if (sc.FlowSuppressed)
78 SecurityContext capture = new SecurityContext ();
79 capture._capture = true;
81 capture._winid = WindowsIdentity.GetCurrentToken ();
82 capture._stack = CompressedStack.Capture ();
88 public void Dispose ()
95 internal bool FlowSuppressed {
96 get { return _suppressFlow; }
97 set { _suppressFlow = value; }
100 internal bool WindowsIdentityFlowSuppressed {
101 get { return _suppressFlowWindowsIdentity; }
102 set { _suppressFlowWindowsIdentity = value; }
105 internal CompressedStack CompressedStack {
106 get { return _stack; }
107 set { _stack = value; }
110 internal IntPtr IdentityToken {
111 get { return _winid; }
112 set { _winid = value; }
115 // Suppressing the SecurityContext flow wasn't required before 2.0
117 static public bool IsFlowSuppressed ()
119 return Thread.CurrentThread.ExecutionContext.SecurityContext.FlowSuppressed;
122 static public bool IsWindowsIdentityFlowSuppressed ()
124 return Thread.CurrentThread.ExecutionContext.SecurityContext.WindowsIdentityFlowSuppressed;
127 static public void RestoreFlow ()
129 SecurityContext sc = Thread.CurrentThread.ExecutionContext.SecurityContext;
130 // if nothing is suppressed then throw
131 if (!sc.FlowSuppressed && !sc.WindowsIdentityFlowSuppressed)
132 throw new InvalidOperationException ();
134 sc.FlowSuppressed = false;
135 sc.WindowsIdentityFlowSuppressed = false;
138 // if you got the context then you can use it
139 [SecurityPermission (SecurityAction.Assert, ControlPrincipal = true)]
140 [SecurityPermission (SecurityAction.LinkDemand, Infrastructure = true)]
141 static public void Run (SecurityContext securityContext, ContextCallback callback, object state)
143 if (securityContext == null) {
144 throw new InvalidOperationException (Locale.GetText (
145 "Null SecurityContext"));
150 SecurityContext sc = Thread.CurrentThread.ExecutionContext.SecurityContext;
151 IPrincipal original = Thread.CurrentPrincipal;
153 if (sc.IdentityToken != IntPtr.Zero) {
154 Thread.CurrentPrincipal = new WindowsPrincipal (new WindowsIdentity (sc.IdentityToken));
157 // FIXME: is the security manager isn't active then we may not have
158 // a compressed stack (bug #78652)
159 if (securityContext.CompressedStack != null)
160 CompressedStack.Run (securityContext.CompressedStack, callback, state);
165 if ((original != null) && (sc.IdentityToken != IntPtr.Zero))
166 Thread.CurrentPrincipal = original;
171 [SecurityPermission (SecurityAction.LinkDemand, Infrastructure = true)]
172 static public AsyncFlowControl SuppressFlow ()
174 Thread t = Thread.CurrentThread;
175 // suppress both flows
176 t.ExecutionContext.SecurityContext.FlowSuppressed = true;
177 t.ExecutionContext.SecurityContext.WindowsIdentityFlowSuppressed = true;
178 return new AsyncFlowControl (t, AsyncFlowControlType.Security);
181 static public AsyncFlowControl SuppressFlowWindowsIdentity ()
183 Thread t = Thread.CurrentThread;
184 t.ExecutionContext.SecurityContext.WindowsIdentityFlowSuppressed = true;
185 return new AsyncFlowControl (t, AsyncFlowControlType.Security);