Fix for running against RabbitMQ 2.2

[mono.git] / mcs / class / System.Web / System.Web.Security / UrlAuthorizationModule.cs

diff --git a/mcs/class/System.Web/System.Web.Security/UrlAuthorizationModule.cs b/mcs/class/System.Web/System.Web.Security/UrlAuthorizationModule.cs
index 0d6d82de8c1e4dff4f8a098625f32b28dc888592..5dbda09026eae124aa915749d4010c58cc1fb9cf 100644 (file)
--- a/mcs/class/System.Web/System.Web.Security/UrlAuthorizationModule.cs
+++ b/mcs/class/System.Web/System.Web.Security/UrlAuthorizationModule.cs
@@ -5,8 +5,7 @@
 //     Gonzalo Paniagua Javier (gonzalo@ximian.com)
 //
 // (C) 2002,2003 Ximian, Inc (http://www.ximian.com)
-//
-
+// Copyright (c) 2005 Novell, Inc (http://www.novell.com)
 //
 // Permission is hereby granted, free of charge, to any person obtaining
 // a copy of this software and associated documentation files (the
@@ -28,15 +27,18 @@
 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 //
 
-using System;
-using System.Web;
+using System.Configuration;
 using System.Web.Configuration;
+using System.Security.Permissions;
 using System.Security.Principal;
 
 namespace System.Web.Security
 {
+       // CAS - no InheritanceDemand here as the class is sealed
+       [AspNetHostingPermission (SecurityAction.LinkDemand, Level = AspNetHostingPermissionLevel.Minimal)]
        public sealed class UrlAuthorizationModule : IHttpModule
        {
+               [SecurityPermission (SecurityAction.Demand, UnmanagedCode = true)]
                public UrlAuthorizationModule ()
                {
                }
@@ -54,21 +56,34 @@ namespace System.Web.Security
                {
                        HttpApplication app = (HttpApplication) sender;
                        HttpContext context = app.Context;
-                       if (context.SkipAuthorization)
+                       if (context == null || context.SkipAuthorization)
                                return;
 
+                       HttpRequest req = context.Request;
+#if NET_2_0
+                       AuthorizationSection config = (AuthorizationSection) WebConfigurationManager.GetSection ("system.web/authorization", req.Path, context);
+#else
                        AuthorizationConfig config = (AuthorizationConfig) context.GetConfig ("system.web/authorization");
                        if (config == null)
                                return;
-
-                       if (!config.IsValidUser (context.User, context.Request.HttpMethod)) {
-                               HttpException e =  new HttpException (401, "Unauthorized");
+#endif
+                       if (!config.IsValidUser (context.User, req.HttpMethod)) {
+                               HttpException e = new HttpException (401, "Unauthorized");
+                               HttpResponse response = context.Response;
                                
-                               context.Response.StatusCode = 401;
-                               context.Response.Write (e.GetHtmlErrorMessage ());
+                               response.StatusCode = 401;
+                               response.Write (e.GetHtmlErrorMessage ());
                                app.CompleteRequest ();
                        }
                }
+
+#if NET_2_0
+               [MonoTODO ("Not implemented")]
+               public static bool CheckUrlAccessForPrincipal (string virtualPath, IPrincipal user, string verb)
+               {
+                       throw new NotImplementedException ();
+               }
+#endif
        }
 }