Custom CodeAccessSecurityAttribute

Re: Custom CodeAccessSecur ityAttribute

Martin -
the right thing to do is to put the assembly containing attribute
implementation in the GAC and add it to the fully trusted assemblies list
(caspol -af).
Hope this helps.
--Ivan

This message is provided "AS IS" with no warranties, and confers no rights.


"Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
news:Opc0I6mnDH A.1708@TK2MSFTN GP12.phx.gbl...[color=blue]
> I try to make a custom CodeAccessSecur ityAttribute, but hit the wall at
> every corner.
>
> I created a simple custom security attribute, which is working (see[/color]
below).[color=blue]
> But...
> 1) I have to put the assembly in "C:\Program Files\Microsoft Visual Studio
> .NET 2003\Common7\ID E": shoudn't it be the application's directory[/color]
instead?[color=blue]
> 2) I'm unable to debug it.
>
> Any clues as how to change the required directory and how to debug the
> assembly?
>
> (The goal is, in the end, to access a database in the attribute.)
>
> Thanks!
>
> Martin
>
> ==== Code ====
>
> [AttributeUsage( AttributeTarget s.Method)]
> public class CustomPermissio nAttribute : CodeAccessSecur ityAttribute
> {
> public CustomPermissio nAttribute(Secu rityAction action)
> : base(action)
> {}
> public override IPermission CreatePermissio n()
> { return new PrincipalPermis sion("john", "role"); }
> }
>
>[/color]

Re: Custom CodeAccessSecur ityAttribute

Thanks, but do you know how I can debug such an assembly ?

"Ivan Medvedev [MS]" <ivanmed@online .microsoft.com> wrote in message
news:OXrqbDloDH A.1632@TK2MSFTN GP10.phx.gbl...[color=blue]
> Martin -
> the right thing to do is to put the assembly containing attribute
> implementation in the GAC and add it to the fully trusted assemblies list
> (caspol -af).
> Hope this helps.
> --Ivan
> http://blogs.gotdotnet.com/ivanmed
> This message is provided "AS IS" with no warranties, and confers no[/color]
rights.[color=blue]
>
>
> "Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
> news:Opc0I6mnDH A.1708@TK2MSFTN GP12.phx.gbl...[color=green]
> > I try to make a custom CodeAccessSecur ityAttribute, but hit the wall at
> > every corner.
> >
> > I created a simple custom security attribute, which is working (see[/color]
> below).[color=green]
> > But...
> > 1) I have to put the assembly in "C:\Program Files\Microsoft Visual[/color][/color]
Studio[color=blue][color=green]
> > .NET 2003\Common7\ID E": shoudn't it be the application's directory[/color]
> instead?[color=green]
> > 2) I'm unable to debug it.
> >
> > Any clues as how to change the required directory and how to debug the
> > assembly?
> >
> > (The goal is, in the end, to access a database in the attribute.)
> >
> > Thanks!
> >
> > Martin
> >
> > ==== Code ====
> >
> > [AttributeUsage( AttributeTarget s.Method)]
> > public class CustomPermissio nAttribute : CodeAccessSecur ityAttribute
> > {
> > public CustomPermissio nAttribute(Secu rityAction action)
> > : base(action)
> > {}
> > public override IPermission CreatePermissio n()
> > { return new PrincipalPermis sion("john", "role"); }
> > }
> >
> >[/color]
>
>[/color]

Re: Custom CodeAccessSecur ityAttribute

Martin -
what debugging problems are you having? Do you have the rigth debug symbols
at the right place? Are you using VS or cordbg?
--Ivan

This message is provided "AS IS" with no warranties, and confers no rights.


"Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
news:eFDXjSuoDH A.2216@TK2MSFTN GP12.phx.gbl...[color=blue]
> Thanks, but do you know how I can debug such an assembly ?
>
> "Ivan Medvedev [MS]" <ivanmed@online .microsoft.com> wrote in message
> news:OXrqbDloDH A.1632@TK2MSFTN GP10.phx.gbl...[color=green]
> > Martin -
> > the right thing to do is to put the assembly containing attribute
> > implementation in the GAC and add it to the fully trusted assemblies[/color][/color]
list[color=blue][color=green]
> > (caspol -af).
> > Hope this helps.
> > --Ivan
> > http://blogs.gotdotnet.com/ivanmed
> > This message is provided "AS IS" with no warranties, and confers no[/color]
> rights.[color=green]
> >
> >
> > "Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
> > news:Opc0I6mnDH A.1708@TK2MSFTN GP12.phx.gbl...[color=darkred]
> > > I try to make a custom CodeAccessSecur ityAttribute, but hit the wall[/color][/color][/color]
at[color=blue][color=green][color=darkred]
> > > every corner.
> > >
> > > I created a simple custom security attribute, which is working (see[/color]
> > below).[color=darkred]
> > > But...
> > > 1) I have to put the assembly in "C:\Program Files\Microsoft Visual[/color][/color]
> Studio[color=green][color=darkred]
> > > .NET 2003\Common7\ID E": shoudn't it be the application's directory[/color]
> > instead?[color=darkred]
> > > 2) I'm unable to debug it.
> > >
> > > Any clues as how to change the required directory and how to debug the
> > > assembly?
> > >
> > > (The goal is, in the end, to access a database in the attribute.)
> > >
> > > Thanks!
> > >
> > > Martin
> > >
> > > ==== Code ====
> > >
> > > [AttributeUsage( AttributeTarget s.Method)]
> > > public class CustomPermissio nAttribute : CodeAccessSecur ityAttribute
> > > {
> > > public CustomPermissio nAttribute(Secu rityAction action)
> > > : base(action)
> > > {}
> > > public override IPermission CreatePermissio n()
> > > { return new PrincipalPermis sion("john", "role"); }
> > > }
> > >
> > >[/color]
> >
> >[/color]
>
>[/color]

Re: Custom CodeAccessSecur ityAttribute

I use VS and the attribute is in the GAC (I can see that its code is
executed). But I can't step-in the code of the attribute assembly. It's kind
of called by the framework somewhere. I need to be able to debug the
attribute assembly to add more sophisticated code. Do you know how to debug
that assembly?

Thanks again for any help!

PS: Right now, I'm testing with a pretty basic attribute:

[AttributeUsage( AttributeTarget s.Method)]
public class CustomPermissio nAttribute : CodeAccessSecur ityAttribute
{
public CustomPermissio nAttribute(Secu rityAction action)
: base(action)
{
}

public override IPermission CreatePermissio n()
{
return new PrincipalPermis sion("User");
}
}

"Ivan Medvedev [MS]" <ivanmed@online .microsoft.com> wrote in message
news:OZ9%23Yzvo DHA.2000@TK2MSF TNGP12.phx.gbl. ..[color=blue]
> Martin -
> what debugging problems are you having? Do you have the rigth debug[/color]
symbols[color=blue]
> at the right place? Are you using VS or cordbg?
> --Ivan
> http://blogs.gotdotnet.com/ivanmed
> This message is provided "AS IS" with no warranties, and confers no[/color]
rights.[color=blue]
>
>
> "Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
> news:eFDXjSuoDH A.2216@TK2MSFTN GP12.phx.gbl...[color=green]
> > Thanks, but do you know how I can debug such an assembly ?
> >
> > "Ivan Medvedev [MS]" <ivanmed@online .microsoft.com> wrote in message
> > news:OXrqbDloDH A.1632@TK2MSFTN GP10.phx.gbl...[color=darkred]
> > > Martin -
> > > the right thing to do is to put the assembly containing attribute
> > > implementation in the GAC and add it to the fully trusted assemblies[/color][/color]
> list[color=green][color=darkred]
> > > (caspol -af).
> > > Hope this helps.
> > > --Ivan
> > > http://blogs.gotdotnet.com/ivanmed
> > > This message is provided "AS IS" with no warranties, and confers no[/color]
> > rights.[color=darkred]
> > >
> > >
> > > "Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
> > > news:Opc0I6mnDH A.1708@TK2MSFTN GP12.phx.gbl...
> > > > I try to make a custom CodeAccessSecur ityAttribute, but hit the wall[/color][/color]
> at[color=green][color=darkred]
> > > > every corner.
> > > >
> > > > I created a simple custom security attribute, which is working (see
> > > below).
> > > > But...
> > > > 1) I have to put the assembly in "C:\Program Files\Microsoft Visual[/color]
> > Studio[color=darkred]
> > > > .NET 2003\Common7\ID E": shoudn't it be the application's directory
> > > instead?
> > > > 2) I'm unable to debug it.
> > > >
> > > > Any clues as how to change the required directory and how to debug[/color][/color][/color]
the[color=blue][color=green][color=darkred]
> > > > assembly?
> > > >
> > > > (The goal is, in the end, to access a database in the attribute.)
> > > >
> > > > Thanks!
> > > >
> > > > Martin
> > > >
> > > > ==== Code ====
> > > >
> > > > [AttributeUsage( AttributeTarget s.Method)]
> > > > public class CustomPermissio nAttribute :[/color][/color][/color]
CodeAccessSecur ityAttribute[color=blue][color=green][color=darkred]
> > > > {
> > > > public CustomPermissio nAttribute(Secu rityAction action)
> > > > : base(action)
> > > > {}
> > > > public override IPermission CreatePermissio n()
> > > > { return new PrincipalPermis sion("john", "role"); }
> > > > }
> > > >
> > > >
> > >
> > >[/color]
> >
> >[/color]
>
>[/color]

Re: Custom CodeAccessSecur ityAttribute

Martin -
you won't be able to step-in because there is no explicit call into the
attribute code. Try setting a breakpoint and then starting the process being
debugger. In the 'Modules' window make sure the debug symbols are loaded for
the module containing the attribute implementation.
--Ivan

This posting is provided "AS IS" with no warranties, and confers no rights

"Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
news:O2ngLg%23o DHA.1020@TK2MSF TNGP09.phx.gbl. ..[color=blue]
> I use VS and the attribute is in the GAC (I can see that its code is
> executed). But I can't step-in the code of the attribute assembly. It's[/color]
kind[color=blue]
> of called by the framework somewhere. I need to be able to debug the
> attribute assembly to add more sophisticated code. Do you know how to[/color]
debug[color=blue]
> that assembly?
>
> Thanks again for any help!
>
> PS: Right now, I'm testing with a pretty basic attribute:
>
> [AttributeUsage( AttributeTarget s.Method)]
> public class CustomPermissio nAttribute : CodeAccessSecur ityAttribute
> {
> public CustomPermissio nAttribute(Secu rityAction action)
> : base(action)
> {
> }
>
> public override IPermission CreatePermissio n()
> {
> return new PrincipalPermis sion("User");
> }
> }
>
> "Ivan Medvedev [MS]" <ivanmed@online .microsoft.com> wrote in message
> news:OZ9%23Yzvo DHA.2000@TK2MSF TNGP12.phx.gbl. ..[color=green]
> > Martin -
> > what debugging problems are you having? Do you have the rigth debug[/color]
> symbols[color=green]
> > at the right place? Are you using VS or cordbg?
> > --Ivan
> > http://blogs.gotdotnet.com/ivanmed
> > This message is provided "AS IS" with no warranties, and confers no[/color]
> rights.[color=green]
> >
> >
> > "Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
> > news:eFDXjSuoDH A.2216@TK2MSFTN GP12.phx.gbl...[color=darkred]
> > > Thanks, but do you know how I can debug such an assembly ?
> > >
> > > "Ivan Medvedev [MS]" <ivanmed@online .microsoft.com> wrote in message
> > > news:OXrqbDloDH A.1632@TK2MSFTN GP10.phx.gbl...
> > > > Martin -
> > > > the right thing to do is to put the assembly containing attribute
> > > > implementation in the GAC and add it to the fully trusted assemblies[/color]
> > list[color=darkred]
> > > > (caspol -af).
> > > > Hope this helps.
> > > > --Ivan
> > > > http://blogs.gotdotnet.com/ivanmed
> > > > This message is provided "AS IS" with no warranties, and confers no
> > > rights.
> > > >
> > > >
> > > > "Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
> > > > news:Opc0I6mnDH A.1708@TK2MSFTN GP12.phx.gbl...
> > > > > I try to make a custom CodeAccessSecur ityAttribute, but hit the[/color][/color][/color]
wall[color=blue][color=green]
> > at[color=darkred]
> > > > > every corner.
> > > > >
> > > > > I created a simple custom security attribute, which is working[/color][/color][/color]
(see[color=blue][color=green][color=darkred]
> > > > below).
> > > > > But...
> > > > > 1) I have to put the assembly in "C:\Program Files\Microsoft[/color][/color][/color]
Visual[color=blue][color=green][color=darkred]
> > > Studio
> > > > > .NET 2003\Common7\ID E": shoudn't it be the application's directory
> > > > instead?
> > > > > 2) I'm unable to debug it.
> > > > >
> > > > > Any clues as how to change the required directory and how to debug[/color][/color]
> the[color=green][color=darkred]
> > > > > assembly?
> > > > >
> > > > > (The goal is, in the end, to access a database in the attribute.)
> > > > >
> > > > > Thanks!
> > > > >
> > > > > Martin
> > > > >
> > > > > ==== Code ====
> > > > >
> > > > > [AttributeUsage( AttributeTarget s.Method)]
> > > > > public class CustomPermissio nAttribute :[/color][/color]
> CodeAccessSecur ityAttribute[color=green][color=darkred]
> > > > > {
> > > > > public CustomPermissio nAttribute(Secu rityAction action)
> > > > > : base(action)
> > > > > {}
> > > > > public override IPermission CreatePermissio n()
> > > > > { return new PrincipalPermis sion("john", "role"); }
> > > > > }
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >[/color]
> >
> >[/color]
>
>[/color]

Re: Custom CodeAccessSecur ityAttribute

Ivan, we're getting closer, but it's not working: I've made sure to load the
module; I've even added a static method to the attribute that I call before
using the attribute (I can step into that method). BUT I can't step in the
instance method (breakpoints can be set but don't work). The feeling I have
is that for security, the assembly containing the attribute is loaded by the
framework in some other process (???).

I also tried asserting the method to find my way in, but noting came up.

"Ivan Medvedev [MS]" <ivanmed@online .microsoft.com> wrote in message
news:eEIoqG$oDH A.1740@TK2MSFTN GP12.phx.gbl...[color=blue]
> Martin -
> you won't be able to step-in because there is no explicit call into the
> attribute code. Try setting a breakpoint and then starting the process[/color]
being[color=blue]
> debugger. In the 'Modules' window make sure the debug symbols are loaded[/color]
for[color=blue]
> the module containing the attribute implementation.
> --Ivan
> http://blogs.gotdotnet.com/ivanmed
> This posting is provided "AS IS" with no warranties, and confers no rights
>
> "Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
> news:O2ngLg%23o DHA.1020@TK2MSF TNGP09.phx.gbl. ..[color=green]
> > I use VS and the attribute is in the GAC (I can see that its code is
> > executed). But I can't step-in the code of the attribute assembly. It's[/color]
> kind[color=green]
> > of called by the framework somewhere. I need to be able to debug the
> > attribute assembly to add more sophisticated code. Do you know how to[/color]
> debug[color=green]
> > that assembly?
> >
> > Thanks again for any help!
> >
> > PS: Right now, I'm testing with a pretty basic attribute:
> >
> > [AttributeUsage( AttributeTarget s.Method)]
> > public class CustomPermissio nAttribute : CodeAccessSecur ityAttribute
> > {
> > public CustomPermissio nAttribute(Secu rityAction action)
> > : base(action)
> > {
> > }
> >
> > public override IPermission CreatePermissio n()
> > {
> > return new PrincipalPermis sion("User");
> > }
> > }
> >
> > "Ivan Medvedev [MS]" <ivanmed@online .microsoft.com> wrote in message
> > news:OZ9%23Yzvo DHA.2000@TK2MSF TNGP12.phx.gbl. ..[color=darkred]
> > > Martin -
> > > what debugging problems are you having? Do you have the rigth debug[/color]
> > symbols[color=darkred]
> > > at the right place? Are you using VS or cordbg?
> > > --Ivan
> > > http://blogs.gotdotnet.com/ivanmed
> > > This message is provided "AS IS" with no warranties, and confers no[/color]
> > rights.[color=darkred]
> > >
> > >
> > > "Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
> > > news:eFDXjSuoDH A.2216@TK2MSFTN GP12.phx.gbl...
> > > > Thanks, but do you know how I can debug such an assembly ?
> > > >
> > > > "Ivan Medvedev [MS]" <ivanmed@online .microsoft.com> wrote in message
> > > > news:OXrqbDloDH A.1632@TK2MSFTN GP10.phx.gbl...
> > > > > Martin -
> > > > > the right thing to do is to put the assembly containing attribute
> > > > > implementation in the GAC and add it to the fully trusted[/color][/color][/color]
assemblies[color=blue][color=green][color=darkred]
> > > list
> > > > > (caspol -af).
> > > > > Hope this helps.
> > > > > --Ivan
> > > > > http://blogs.gotdotnet.com/ivanmed
> > > > > This message is provided "AS IS" with no warranties, and confers[/color][/color][/color]
no[color=blue][color=green][color=darkred]
> > > > rights.
> > > > >
> > > > >
> > > > > "Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
> > > > > news:Opc0I6mnDH A.1708@TK2MSFTN GP12.phx.gbl...
> > > > > > I try to make a custom CodeAccessSecur ityAttribute, but hit the[/color][/color]
> wall[color=green][color=darkred]
> > > at
> > > > > > every corner.
> > > > > >
> > > > > > I created a simple custom security attribute, which is working[/color][/color]
> (see[color=green][color=darkred]
> > > > > below).
> > > > > > But...
> > > > > > 1) I have to put the assembly in "C:\Program Files\Microsoft[/color][/color]
> Visual[color=green][color=darkred]
> > > > Studio
> > > > > > .NET 2003\Common7\ID E": shoudn't it be the application's[/color][/color][/color]
directory[color=blue][color=green][color=darkred]
> > > > > instead?
> > > > > > 2) I'm unable to debug it.
> > > > > >
> > > > > > Any clues as how to change the required directory and how to[/color][/color][/color]
debug[color=blue][color=green]
> > the[color=darkred]
> > > > > > assembly?
> > > > > >
> > > > > > (The goal is, in the end, to access a database in the[/color][/color][/color]
attribute.)[color=blue][color=green][color=darkred]
> > > > > >
> > > > > > Thanks!
> > > > > >
> > > > > > Martin
> > > > > >
> > > > > > ==== Code ====
> > > > > >
> > > > > > [AttributeUsage( AttributeTarget s.Method)]
> > > > > > public class CustomPermissio nAttribute :[/color]
> > CodeAccessSecur ityAttribute[color=darkred]
> > > > > > {
> > > > > > public CustomPermissio nAttribute(Secu rityAction action)
> > > > > > : base(action)
> > > > > > {}
> > > > > > public override IPermission CreatePermissio n()
> > > > > > { return new PrincipalPermis sion("john", "role"); }
> > > > > > }
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >[/color]
> >
> >[/color]
>
>[/color]

Re: Custom CodeAccessSecur ityAttribute

Well, that will probably be my last comment on this. I've added a file trace
in the attribute. The funny thing is that the trace is written to the file
when the assembly that uses the attribute is COMPILED. My conclusion is that
the *code access security* attribute is tested between the assemblies at
compile time and not at runtime, and that all the appropriate security info
is set in the using assembly's metadata. I guess that if I want to debug the
attribute dll, I have to use the compiler as the executing process. Far too
much trouble for what I need. Weird issue.

Martin

"Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
news:OobBUmHpDH A.2964@tk2msftn gp13.phx.gbl...[color=blue]
> Ivan, we're getting closer, but it's not working: I've made sure to load[/color]
the[color=blue]
> module; I've even added a static method to the attribute that I call[/color]
before[color=blue]
> using the attribute (I can step into that method). BUT I can't step in the
> instance method (breakpoints can be set but don't work). The feeling I[/color]
have[color=blue]
> is that for security, the assembly containing the attribute is loaded by[/color]
the[color=blue]
> framework in some other process (???).
>
> I also tried asserting the method to find my way in, but noting came up.
>
> "Ivan Medvedev [MS]" <ivanmed@online .microsoft.com> wrote in message
> news:eEIoqG$oDH A.1740@TK2MSFTN GP12.phx.gbl...[color=green]
> > Martin -
> > you won't be able to step-in because there is no explicit call into the
> > attribute code. Try setting a breakpoint and then starting the process[/color]
> being[color=green]
> > debugger. In the 'Modules' window make sure the debug symbols are loaded[/color]
> for[color=green]
> > the module containing the attribute implementation.
> > --Ivan
> > http://blogs.gotdotnet.com/ivanmed
> > This posting is provided "AS IS" with no warranties, and confers no[/color][/color]
rights[color=blue][color=green]
> >
> > "Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
> > news:O2ngLg%23o DHA.1020@TK2MSF TNGP09.phx.gbl. ..[color=darkred]
> > > I use VS and the attribute is in the GAC (I can see that its code is
> > > executed). But I can't step-in the code of the attribute assembly.[/color][/color][/color]
It's[color=blue][color=green]
> > kind[color=darkred]
> > > of called by the framework somewhere. I need to be able to debug the
> > > attribute assembly to add more sophisticated code. Do you know how to[/color]
> > debug[color=darkred]
> > > that assembly?
> > >
> > > Thanks again for any help!
> > >
> > > PS: Right now, I'm testing with a pretty basic attribute:
> > >
> > > [AttributeUsage( AttributeTarget s.Method)]
> > > public class CustomPermissio nAttribute : CodeAccessSecur ityAttribute
> > > {
> > > public CustomPermissio nAttribute(Secu rityAction action)
> > > : base(action)
> > > {
> > > }
> > >
> > > public override IPermission CreatePermissio n()
> > > {
> > > return new PrincipalPermis sion("User");
> > > }
> > > }
> > >
> > > "Ivan Medvedev [MS]" <ivanmed@online .microsoft.com> wrote in message
> > > news:OZ9%23Yzvo DHA.2000@TK2MSF TNGP12.phx.gbl. ..
> > > > Martin -
> > > > what debugging problems are you having? Do you have the rigth debug
> > > symbols
> > > > at the right place? Are you using VS or cordbg?
> > > > --Ivan
> > > > http://blogs.gotdotnet.com/ivanmed
> > > > This message is provided "AS IS" with no warranties, and confers no
> > > rights.
> > > >
> > > >
> > > > "Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
> > > > news:eFDXjSuoDH A.2216@TK2MSFTN GP12.phx.gbl...
> > > > > Thanks, but do you know how I can debug such an assembly ?
> > > > >
> > > > > "Ivan Medvedev [MS]" <ivanmed@online .microsoft.com> wrote in[/color][/color][/color]
message[color=blue][color=green][color=darkred]
> > > > > news:OXrqbDloDH A.1632@TK2MSFTN GP10.phx.gbl...
> > > > > > Martin -
> > > > > > the right thing to do is to put the assembly containing[/color][/color][/color]
attribute[color=blue][color=green][color=darkred]
> > > > > > implementation in the GAC and add it to the fully trusted[/color][/color]
> assemblies[color=green][color=darkred]
> > > > list
> > > > > > (caspol -af).
> > > > > > Hope this helps.
> > > > > > --Ivan
> > > > > > http://blogs.gotdotnet.com/ivanmed
> > > > > > This message is provided "AS IS" with no warranties, and confers[/color][/color]
> no[color=green][color=darkred]
> > > > > rights.
> > > > > >
> > > > > >
> > > > > > "Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
> > > > > > news:Opc0I6mnDH A.1708@TK2MSFTN GP12.phx.gbl...
> > > > > > > I try to make a custom CodeAccessSecur ityAttribute, but hit[/color][/color][/color]
the[color=blue][color=green]
> > wall[color=darkred]
> > > > at
> > > > > > > every corner.
> > > > > > >
> > > > > > > I created a simple custom security attribute, which is working[/color]
> > (see[color=darkred]
> > > > > > below).
> > > > > > > But...
> > > > > > > 1) I have to put the assembly in "C:\Program Files\Microsoft[/color]
> > Visual[color=darkred]
> > > > > Studio
> > > > > > > .NET 2003\Common7\ID E": shoudn't it be the application's[/color][/color]
> directory[color=green][color=darkred]
> > > > > > instead?
> > > > > > > 2) I'm unable to debug it.
> > > > > > >
> > > > > > > Any clues as how to change the required directory and how to[/color][/color]
> debug[color=green][color=darkred]
> > > the
> > > > > > > assembly?
> > > > > > >
> > > > > > > (The goal is, in the end, to access a database in the[/color][/color]
> attribute.)[color=green][color=darkred]
> > > > > > >
> > > > > > > Thanks!
> > > > > > >
> > > > > > > Martin
> > > > > > >
> > > > > > > ==== Code ====
> > > > > > >
> > > > > > > [AttributeUsage( AttributeTarget s.Method)]
> > > > > > > public class CustomPermissio nAttribute :
> > > CodeAccessSecur ityAttribute
> > > > > > > {
> > > > > > > public CustomPermissio nAttribute(Secu rityAction action)
> > > > > > > : base(action)
> > > > > > > {}
> > > > > > > public override IPermission CreatePermissio n()
> > > > > > > { return new PrincipalPermis sion("john", "role"); }
> > > > > > > }
> > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >[/color]
> >
> >[/color]
>
>[/color]

Re: Custom CodeAccessSecur ityAttribute

Martin -
what you are observing is expected. The declarative security attributes are
stored in the assembly metadata in the xml format, which gets created at the
compile time, so the contructor and the ToXml-related code is being invoked
at the compile time. At the run time the attribute is being read,
de-serialized and the right permission object is created.
--Ivan

This posting is provided "AS IS" with no warranties, and confers no rights


"Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
news:OWOEK8HpDH A.1084@tk2msftn gp13.phx.gbl...[color=blue]
> Well, that will probably be my last comment on this. I've added a file[/color]
trace[color=blue]
> in the attribute. The funny thing is that the trace is written to the file
> when the assembly that uses the attribute is COMPILED. My conclusion is[/color]
that[color=blue]
> the *code access security* attribute is tested between the assemblies at
> compile time and not at runtime, and that all the appropriate security[/color]
info[color=blue]
> is set in the using assembly's metadata. I guess that if I want to debug[/color]
the[color=blue]
> attribute dll, I have to use the compiler as the executing process. Far[/color]
too[color=blue]
> much trouble for what I need. Weird issue.
>
> Martin
>
> "Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
> news:OobBUmHpDH A.2964@tk2msftn gp13.phx.gbl...[color=green]
> > Ivan, we're getting closer, but it's not working: I've made sure to load[/color]
> the[color=green]
> > module; I've even added a static method to the attribute that I call[/color]
> before[color=green]
> > using the attribute (I can step into that method). BUT I can't step in[/color][/color]
the[color=blue][color=green]
> > instance method (breakpoints can be set but don't work). The feeling I[/color]
> have[color=green]
> > is that for security, the assembly containing the attribute is loaded by[/color]
> the[color=green]
> > framework in some other process (???).
> >
> > I also tried asserting the method to find my way in, but noting came up.
> >
> > "Ivan Medvedev [MS]" <ivanmed@online .microsoft.com> wrote in message
> > news:eEIoqG$oDH A.1740@TK2MSFTN GP12.phx.gbl...[color=darkred]
> > > Martin -
> > > you won't be able to step-in because there is no explicit call into[/color][/color][/color]
the[color=blue][color=green][color=darkred]
> > > attribute code. Try setting a breakpoint and then starting the process[/color]
> > being[color=darkred]
> > > debugger. In the 'Modules' window make sure the debug symbols are[/color][/color][/color]
loaded[color=blue][color=green]
> > for[color=darkred]
> > > the module containing the attribute implementation.
> > > --Ivan
> > > http://blogs.gotdotnet.com/ivanmed
> > > This posting is provided "AS IS" with no warranties, and confers no[/color][/color]
> rights[color=green][color=darkred]
> > >
> > > "Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
> > > news:O2ngLg%23o DHA.1020@TK2MSF TNGP09.phx.gbl. ..
> > > > I use VS and the attribute is in the GAC (I can see that its code is
> > > > executed). But I can't step-in the code of the attribute assembly.[/color][/color]
> It's[color=green][color=darkred]
> > > kind
> > > > of called by the framework somewhere. I need to be able to debug the
> > > > attribute assembly to add more sophisticated code. Do you know how[/color][/color][/color]
to[color=blue][color=green][color=darkred]
> > > debug
> > > > that assembly?
> > > >
> > > > Thanks again for any help!
> > > >
> > > > PS: Right now, I'm testing with a pretty basic attribute:
> > > >
> > > > [AttributeUsage( AttributeTarget s.Method)]
> > > > public class CustomPermissio nAttribute :[/color][/color][/color]
CodeAccessSecur ityAttribute[color=blue][color=green][color=darkred]
> > > > {
> > > > public CustomPermissio nAttribute(Secu rityAction action)
> > > > : base(action)
> > > > {
> > > > }
> > > >
> > > > public override IPermission CreatePermissio n()
> > > > {
> > > > return new PrincipalPermis sion("User");
> > > > }
> > > > }
> > > >
> > > > "Ivan Medvedev [MS]" <ivanmed@online .microsoft.com> wrote in message
> > > > news:OZ9%23Yzvo DHA.2000@TK2MSF TNGP12.phx.gbl. ..
> > > > > Martin -
> > > > > what debugging problems are you having? Do you have the rigth[/color][/color][/color]
debug[color=blue][color=green][color=darkred]
> > > > symbols
> > > > > at the right place? Are you using VS or cordbg?
> > > > > --Ivan
> > > > > http://blogs.gotdotnet.com/ivanmed
> > > > > This message is provided "AS IS" with no warranties, and confers[/color][/color][/color]
no[color=blue][color=green][color=darkred]
> > > > rights.
> > > > >
> > > > >
> > > > > "Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
> > > > > news:eFDXjSuoDH A.2216@TK2MSFTN GP12.phx.gbl...
> > > > > > Thanks, but do you know how I can debug such an assembly ?
> > > > > >
> > > > > > "Ivan Medvedev [MS]" <ivanmed@online .microsoft.com> wrote in[/color][/color]
> message[color=green][color=darkred]
> > > > > > news:OXrqbDloDH A.1632@TK2MSFTN GP10.phx.gbl...
> > > > > > > Martin -
> > > > > > > the right thing to do is to put the assembly containing[/color][/color]
> attribute[color=green][color=darkred]
> > > > > > > implementation in the GAC and add it to the fully trusted[/color]
> > assemblies[color=darkred]
> > > > > list
> > > > > > > (caspol -af).
> > > > > > > Hope this helps.
> > > > > > > --Ivan
> > > > > > > http://blogs.gotdotnet.com/ivanmed
> > > > > > > This message is provided "AS IS" with no warranties, and[/color][/color][/color]
confers[color=blue][color=green]
> > no[color=darkred]
> > > > > > rights.
> > > > > > >
> > > > > > >
> > > > > > > "Martin Lapierre" <lapierrem@cedr om-sni.com> wrote in message
> > > > > > > news:Opc0I6mnDH A.1708@TK2MSFTN GP12.phx.gbl...
> > > > > > > > I try to make a custom CodeAccessSecur ityAttribute, but hit[/color][/color]
> the[color=green][color=darkred]
> > > wall
> > > > > at
> > > > > > > > every corner.
> > > > > > > >
> > > > > > > > I created a simple custom security attribute, which is[/color][/color][/color]
working[color=blue][color=green][color=darkred]
> > > (see
> > > > > > > below).
> > > > > > > > But...
> > > > > > > > 1) I have to put the assembly in "C:\Program Files\Microsoft
> > > Visual
> > > > > > Studio
> > > > > > > > .NET 2003\Common7\ID E": shoudn't it be the application's[/color]
> > directory[color=darkred]
> > > > > > > instead?
> > > > > > > > 2) I'm unable to debug it.
> > > > > > > >
> > > > > > > > Any clues as how to change the required directory and how to[/color]
> > debug[color=darkred]
> > > > the
> > > > > > > > assembly?
> > > > > > > >
> > > > > > > > (The goal is, in the end, to access a database in the[/color]
> > attribute.)[color=darkred]
> > > > > > > >
> > > > > > > > Thanks!
> > > > > > > >
> > > > > > > > Martin
> > > > > > > >
> > > > > > > > ==== Code ====
> > > > > > > >
> > > > > > > > [AttributeUsage( AttributeTarget s.Method)]
> > > > > > > > public class CustomPermissio nAttribute :
> > > > CodeAccessSecur ityAttribute
> > > > > > > > {
> > > > > > > > public CustomPermissio nAttribute(Secu rityAction action)
> > > > > > > > : base(action)
> > > > > > > > {}
> > > > > > > > public override IPermission CreatePermissio n()
> > > > > > > > { return new PrincipalPermis sion("john", "role"); }
> > > > > > > > }
> > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >[/color]
> >
> >[/color]
>
>[/color]