C# .NET Securities

Hi Friends, I came out with the C# program to illustrate the C# .NET securities. It prints the current default Permission Set and description for each security label, Evidence that is passed in the application as a security, and at last we will see the example of role based security example. Your questions are most welcomed for anything related to .NET securities. -Jack

using System;
using System.Collections;
using System.Reflection;
using System.Security;
using System.Security.Policy;
using System.Threading;
using System.Security.Principal;

namespace DotNetSecurities
{
    class Program
    {
         static void Main(string[] args)
        {
             /*
             * named permission set is the lists of all policy levels Following code run from the local disk,
             * and retrives permission set from default policy settings.
             */

            IEnumerator ienum = SecurityManager.PolicyHierarchy();
             while (ienum.MoveNext())
            {
                PolicyLevel pLevel = (PolicyLevel)ienum.Current;
                Console.WriteLine(pLevel.Label);
                IEnumerator np = pLevel.NamedPermissionSets.GetEnumerator();
                 while (np.MoveNext())
                {
                    NamedPermissionSet pset = (NamedPermissionSet)np.Current;
                      Console.WriteLine("\tPermission Set: \n\t\t Name: {0} \n\t\t Description {1}", pset.Name, pset.Description);
                 }
             }
             Console.Read();

            /* Below code returns the evidence that is passed in the security system
             Evidence may be anything and at any of below levels implemented by System.Security.Policy namespace.
             *  1. Enterprise Level
             *  2. Machine Level
             *  3. User Level
             *  4. Application Domain Level
             * Evidence can Zone, Certificate, Strong name key, Salted Hash or Password etc.
             * Code Access Security Policy Utility (caspol.exe) utility allows administrators to modify security
* policy for at
user level and the machine level. You will need to have publisher certificates or
             * strong names for the application to have Enterprise level or Application domain level security.
             */

            Type t = Type.GetType("System.String");
            Assembly a = Assembly.GetAssembly(t);
            Evidence e = a.Evidence;
            ienum = e.GetEnumerator();
             while (ienum.MoveNext())
                 Console.WriteLine(ienum.Current);
            Console.Read();

            /* Roll based security example. */
            AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
            try
            {
                 CheckUser();
             }
             catch (Exception)
             {
                 Console.WriteLine("Exception thrown");
            }

            String[] roles = { "Programmer", "Analyst", "SystemHelper"};
            GenericIdentity genid = new GenericIdentity("domain\\username");
            GenericPrincipal g = new GenericPrincipal(genid, roles);
            Thread.CurrentPrincipal = g;
             if (Thread.CurrentPrincipal.Identity.Name == "domain\\username")
                 Console.WriteLine("Current loggen on user is domain\\username.");
            else
                 Console.WriteLine("Current logged on user is not domain\\username.");

             /* Find the user's defined role */
            if (Thread.CurrentPrincipal.IsInRole("Programmer"))
                 Console.WriteLine("domain\\username is Programmer");
            else if (Thread.CurrentPrincipal.IsInRole("Analyst"))          
                  Console.WriteLine(" domain\\username is Analyst");
            else if (Thread.CurrentPrincipal.IsInRole("SystemHelper"))
                 Console.WriteLine(" domain\\username is SystemHelper");
            else
                 Console.WriteLine(" domain\\username's role not defined.");        
        }

        [PrincipalPermissionAttribute(SecurityAction.Demand, Name = @"domain\username")]
        public static void CheckUser()
        {
             Console.WriteLine("Success");
        }      
    }
}
By Jignesh Shah   Popularity  (1320 Views)
Biography - Jignesh Shah
"I am electric engg and professor in college. Working on all the softwar languages are my passion." - Jignesh