IPermission.Demand not called

I've implemented an IPermission derivative and a corresponding CodeAccessSecurityAttribute class.

I register my class with caspol and gac it. My test driver has a method I attribute with my CodeAccessSecurityAttribute and request SecurityAction.Demand.

Just prior to making the method call, I see the constructor for my permission class is called, then FromXml() and IsSubsetOf.

Demand() is never called. Why

Answer this question

IPermission.Demand not called

anina
Nicole-

Thanks for the response. Here's my test driver:

[WebMethod]
[CustomPermissionAttribute(SecurityAction.Demand, Unrestricted = true,Feature="bootstrap")]
public string HelloBunny()
{
return "hello";
}
P&#228;r Hedberg
Curiouser and curiouser... I see the Demand call even with that attribute.* Given that the problem doesn't seem to lie in the code, I guess we'll have to fall back on possible registration issues. Try adjusting the pre- and post-build events of your permission assembly project to the following (adjusting the Framework path as necessary):

Pre-build event:

"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\caspol.exe" -rf $(TargetName)
"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\gacutil.exe" -uf $(TargetName)

Post-build event:

"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\gacutil.exe" -i $(TargetPath)
"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\caspol.exe" -af $(TargetName)

Rebuild at least twice, then attempt to re-run, verifying the run build doesn't show any errors for either the pre- or post-build event. Do you still see no evidence of the Demand call

*An unrestricted instance of your permission would presumably include all "features", so it seems a bit odd to be demanding unrestricted + "bootstrap" feature.
Philosophil
It sounds like there might be an exception thrown within your IsSubsetOf method. If not, there are quite a few other reasons why the demand might not be invoked, and attempting to guess based on minimal information would be a bit of a waste of time. Might you be able to provide the following details:

1. What version of the .NET Framework are you using

2. Exactly what do you mean by "register my class with caspol" (i.e.: Exactly what command line are you running ) Are you doing this before or after adding the assembly to the GAC

3. Could you please provide the code for both your permission class and the attribute class If you're not comfortable with providing the complete code, might you at least be able to provide a minimal repro sample based on your implementation
St Robel
Thanks for the response.

1. 1.1
2. caspol -af myPerm.dll (add full trust)
3. No problem there, it's just the sample from MSDN and/or Eugene Bobukh's blog (thanks, Eugene!)

[AttributeUsageAttribute(AttributeTargets.All, AllowMultiple = true)]

[Serializable()]

public class CustomPermissionAttribute: CodeAccessSecurityAttribute

{

bool unrestricted = false;

public string Feature

{

get{ return _feature; }

set{ _feature = value; }

}

string _feature;

public new bool Unrestricted

{

get{ return unrestricted; }

set{ unrestricted = value; }

}

public CustomPermissionAttribute(SecurityAction action): base (action)

{

Debug.WriteLine("CustomPermissionAttribute()");

_feature = "";

}

public override IPermission CreatePermission()

{

Debug.WriteLine("CreatePermission()");

return new CustomPermission(Unrestricted PermissionState.Unrestricted:PermissionState.None,_feature);

}

}

[Serializable()]

public sealed class CustomPermission: IPermission

{

private bool unrestricted;

private WindowsPrincipal _currentUser;

public CustomPermission(PermissionState state)

{

Debug.WriteLine("CustomPermission(state)");

unrestricted = (state == PermissionState.Unrestricted);

_feature = "";

}

public CustomPermission(PermissionState state,string feature)

{

Debug.WriteLine("CustomPermission(state,feature)");

unrestricted = (state == PermissionState.Unrestricted);

_feature = feature == null "" : feature;

}

public bool IsUnrestricted()

{

Debug.WriteLine("IsUnrestricted()");

return unrestricted;

}

public IPermission Copy()

{

Debug.WriteLine("Copy()");

CustomPermission copy = new CustomPermission(PermissionState.None);

if(this.IsUnrestricted())

{

copy.unrestricted = true;

}

else

{

copy.unrestricted = false;

}

copy.Feature = this.Feature;

return copy;

}

public IPermission Intersect(IPermission target)

{

Debug.WriteLine("Intersect()");

//If nothing was passed, return null.

if(null == target)

{

return null;

}

try

{

//Create a new instance of CustomPermission from the passed object.

CustomPermission PassedPermission = (CustomPermission)target;

//If one class has an unrestricted value of false, then the

//intersection will have an unrestricted value of false.

//Return the passed class with the unrestricted value of false.

if(!PassedPermission.unrestricted)

{

return target;

}

//Return a copy of the current class if the passed one has

//an unrestricted value of true.

return this.Copy();

}

//Catch an InvalidCastException.

//Throw ArgumentException to notify the user.

catch (InvalidCastException)

{

throw new ArgumentException("Argument_WrongType", this.GetType().FullName);

}

}

public bool IsSubsetOf(IPermission target)

{

Debug.WriteLine("IsSubsetOf()");

//If nothing was passed and unrestricted is false,

//then return true.

if(null == target)

{

return !this.unrestricted;

}

try

{

//Create a new instance of CustomPermission from the passed object.

CustomPermission passedpermission = (CustomPermission)target;

//If unrestricted has the same value in both objects, then

//one is the subset of the other.

if(this.unrestricted == passedpermission.unrestricted)

{

return true;

}

else

{

return false;

}

}

//Catch an InvalidCastException.

//Throw ArgumentException to notify the user.

catch (InvalidCastException)

{

throw new ArgumentException("Argument_WrongType", this.GetType().FullName);

}

}

public void FromXml(SecurityElement PassedElement)

{

Debug.WriteLine("FromXml()");

//Get the unrestricted value from the XML and initialize

//the current instance of unrestricted to that value.

string element = PassedElement.Attribute("Unrestricted");

if(null != element)

{

this.unrestricted = Convert.ToBoolean(element);

}

this._feature = PassedElement.Attribute("Feature") == null "" : PassedElement.Attribute("Feature") ;

}

public SecurityElement ToXml()

{

Debug.WriteLine("ToXml()");

//Encode the current permission to XML using the

//SecurityElement class.

SecurityElement element = new SecurityElement("IPermission");

Type type = this.GetType();

StringBuilder AssemblyName = new StringBuilder(type.Assembly.ToString());

AssemblyName.Replace('\"', '\'');

element.AddAttribute("class", type.FullName + ", " + AssemblyName);

element.AddAttribute("version", "1");

element.AddAttribute("Unrestricted", unrestricted.ToString());

element.AddAttribute("Feature", _feature);

return element;

}

public IPermission Union(IPermission target)

{

return new CustomPermission(this.unrestricted PermissionState.Unrestricted : PermissionState.None,_feature);

}

public string Feature

{

get{ return _feature; }

set{ _feature = value; }

}

string _feature;

public void Demand()

{

Debug.WriteLine("Demand()");

}

}
Cof139
Hmm... I see the Demand method getting called in all cases where FromXml gets called, but your FromXml implementation isn't really complete, so it could be that I'm just not formulating the right attribute to reproduce the problem. Could you please provide an example of an attribute use (as applied to a class or member) that causes the behaviour you described
IPermission.Demand not called

Answer this question

IPermission.Demand not called

Hot Topic

.NET Development

IPermission.Demand not called

IPermission.Demand not called

anina

P&amp;#228;r Hedberg

Philosophil

St Robel

Cof139

Pär Hedberg