User and Data Security in .net
VB.NET:
Imports System.Security.Principal
Public Class JoeyIdentity
Implements IIdentity
Public ReadOnly Property AuthenticationType() As String Implements System.Security.Principal.IIdentity.AuthenticationType
Get
Return "Authenticated by Joey"
End Get
End Property
Public ReadOnly Property IsAuthenticated() As Boolean Implements System.Security.Principal.IIdentity.IsAuthenticated
Get
Return True
End Get
End Property
Public ReadOnly Property Name() As String Implements System.Security.Principal.IIdentity.Name
Get
Return "Joey"
End Get
End Property
End Class
Public Class JoeyIdentity
Implements IIdentity
Public ReadOnly Property AuthenticationType() As String Implements System.Security.Principal.IIdentity.AuthenticationType
Get
Return "Authenticated by Joey"
End Get
End Property
Public ReadOnly Property IsAuthenticated() As Boolean Implements System.Security.Principal.IIdentity.IsAuthenticated
Get
Return True
End Get
End Property
Public ReadOnly Property Name() As String Implements System.Security.Principal.IIdentity.Name
Get
Return "Joey"
End Get
End Property
End Class
Imports System.Security.Principal
Public Class JoeyPrincipal
Implements IPrincipal
Private _Identity As IIdentity
Private _Roles() As String
Public Sub New(ByVal Identify As IIdentity, ByVal Roles As String())
_Identity = Identify
_Roles = Array.CreateInstance(GetType(String), Roles.Length)
Roles.CopyTo(_Roles, 0)
Array.Sort(_Roles)
End Sub
Public ReadOnly Property Identity() As System.Security.Principal.IIdentity Implements System.Security.Principal.IPrincipal.Identity
Get
Return _Identity
End Get
End Property
Public Function IsInRole(ByVal role As String) As Boolean Implements System.Security.Principal.IPrincipal.IsInRole
Return Array.BinarySearch(_Roles, role) >= 0
End Function
End Class
Public Class JoeyPrincipal
Implements IPrincipal
Private _Identity As IIdentity
Private _Roles() As String
Public Sub New(ByVal Identify As IIdentity, ByVal Roles As String())
_Identity = Identify
_Roles = Array.CreateInstance(GetType(String), Roles.Length)
Roles.CopyTo(_Roles, 0)
Array.Sort(_Roles)
End Sub
Public ReadOnly Property Identity() As System.Security.Principal.IIdentity Implements System.Security.Principal.IPrincipal.Identity
Get
Return _Identity
End Get
End Property
Public Function IsInRole(ByVal role As String) As Boolean Implements System.Security.Principal.IPrincipal.IsInRole
Return Array.BinarySearch(_Roles, role) >= 0
End Function
End Class
Imports System.Threading
Imports System.Security.Permissions
Module Module1
Sub Main()
Dim jIdentity As New JoeyIdentity
Dim roles As String() = {"Developer"}
Dim jPrincipal As New JoeyPrincipal(jIdentity, roles)
Thread.CurrentPrincipal = jPrincipal
Try
TestDeveloper()
TestSucker()
Catch ex As Exception
Console.WriteLine(ex.GetType.ToString + " caused by " + Thread.CurrentPrincipal.Identity.Name)
End Try
Try
Dim pp As New PrincipalPermission("Joey", "Developer")
pp.Demand()
Console.WriteLine(Thread.CurrentPrincipal.Identity.Name + " is indeed a developer.")
pp = New PrincipalPermission("Joey", "Sucker")
pp.Demand()
Catch ex As Exception
Console.WriteLine(Thread.CurrentPrincipal.Identity.Name + " is indeed not a sucker.")
End Try
Console.Read()
End Sub
<PrincipalPermissionAttribute(SecurityAction.Demand, role:="Developer")> _
Private Sub TestDeveloper()
Console.WriteLine(Thread.CurrentPrincipal.Identity.Name + " is a developer.")
End Sub
<PrincipalPermissionAttribute(SecurityAction.Demand, role:="Sucker")> _
Private Sub TestSucker()
Console.WriteLine(Thread.CurrentPrincipal.Identity.Name + " is a sucker.")
End Sub
End Module
Imports System.Security.Permissions
Module Module1
Sub Main()
Dim jIdentity As New JoeyIdentity
Dim roles As String() = {"Developer"}
Dim jPrincipal As New JoeyPrincipal(jIdentity, roles)
Thread.CurrentPrincipal = jPrincipal
Try
TestDeveloper()
TestSucker()
Catch ex As Exception
Console.WriteLine(ex.GetType.ToString + " caused by " + Thread.CurrentPrincipal.Identity.Name)
End Try
Try
Dim pp As New PrincipalPermission("Joey", "Developer")
pp.Demand()
Console.WriteLine(Thread.CurrentPrincipal.Identity.Name + " is indeed a developer.")
pp = New PrincipalPermission("Joey", "Sucker")
pp.Demand()
Catch ex As Exception
Console.WriteLine(Thread.CurrentPrincipal.Identity.Name + " is indeed not a sucker.")
End Try
Console.Read()
End Sub
<PrincipalPermissionAttribute(SecurityAction.Demand, role:="Developer")> _
Private Sub TestDeveloper()
Console.WriteLine(Thread.CurrentPrincipal.Identity.Name + " is a developer.")
End Sub
<PrincipalPermissionAttribute(SecurityAction.Demand, role:="Sucker")> _
Private Sub TestSucker()
Console.WriteLine(Thread.CurrentPrincipal.Identity.Name + " is a sucker.")
End Sub
End Module
C#:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Security.Principal;
namespace UserAndDataSecurityCS
{
class JoeyIdentity : IIdentity
{
#region IIdentity Members
public string AuthenticationType
{
get
{
return "Authenticated by Joey";
}
}
public bool IsAuthenticated
{
get
{
return true;
}
}
public string Name
{
get
{
return "Joey";
}
}
#endregion
}
}
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Security.Principal;
namespace UserAndDataSecurityCS
{
class JoeyIdentity : IIdentity
{
#region IIdentity Members
public string AuthenticationType
{
get
{
return "Authenticated by Joey";
}
}
public bool IsAuthenticated
{
get
{
return true;
}
}
public string Name
{
get
{
return "Joey";
}
}
#endregion
}
}
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Security.Principal;
namespace UserAndDataSecurityCS
{
class JoeyPrincipal : IPrincipal
{
private IIdentity _Identity;
private string[] _Roles;
public JoeyPrincipal(IIdentity Identity, string[] Roles)
{
_Identity = Identity;
_Roles = new string[Roles.Length];
Roles.CopyTo(_Roles, 0);
Array.Sort(_Roles);
}
#region IPrincipal Members
public IIdentity Identity
{
get
{
return _Identity;
}
}
public bool IsInRole(string role)
{
return Array.BinarySearch<string>(_Roles, role) >= 0;
}
#endregion
}
}
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Security.Principal;
namespace UserAndDataSecurityCS
{
class JoeyPrincipal : IPrincipal
{
private IIdentity _Identity;
private string[] _Roles;
public JoeyPrincipal(IIdentity Identity, string[] Roles)
{
_Identity = Identity;
_Roles = new string[Roles.Length];
Roles.CopyTo(_Roles, 0);
Array.Sort(_Roles);
}
#region IPrincipal Members
public IIdentity Identity
{
get
{
return _Identity;
}
}
public bool IsInRole(string role)
{
return Array.BinarySearch<string>(_Roles, role) >= 0;
}
#endregion
}
}
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Security.Permissions;
using System.Threading;
namespace UserAndDataSecurityCS
{
class Program
{
static void Main(string[] args)
{
JoeyIdentity jIdentify = new JoeyIdentity();
string[] roles = { "Developer" };
JoeyPrincipal jPrincipal = new JoeyPrincipal(jIdentify, roles);
Thread.CurrentPrincipal = jPrincipal;
try
{
TestDeveloper();
TestSucker();
}
catch(Exception ex)
{
Console.WriteLine(ex.GetType().ToString() + " caused by " + Thread.CurrentPrincipal.Identity.Name);
}
try
{
PrincipalPermission pp = new PrincipalPermission("Joey", "Developer");
pp.Demand();
Console.WriteLine(Thread.CurrentPrincipal.Identity.Name + " is indeed a developer.");
pp = new PrincipalPermission("Joey", "Sucker");
pp.Demand();
}
catch
{
Console.WriteLine(Thread.CurrentPrincipal.Identity.Name + " is indeed not a sucker.");
}
Console.Read();
}
[PrincipalPermissionAttribute(SecurityAction.Demand, Role = "Developer")]
private static void TestDeveloper()
{
Console.WriteLine(Thread.CurrentPrincipal.Identity.Name + " is a developer.");
}
[PrincipalPermissionAttribute(SecurityAction.Demand, Role = "Sucker")]
private static void TestSucker()
{
Console.WriteLine(Thread.CurrentPrincipal.Identity.Name + " is a sucker.");
}
}
}
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Security.Permissions;
using System.Threading;
namespace UserAndDataSecurityCS
{
class Program
{
static void Main(string[] args)
{
JoeyIdentity jIdentify = new JoeyIdentity();
string[] roles = { "Developer" };
JoeyPrincipal jPrincipal = new JoeyPrincipal(jIdentify, roles);
Thread.CurrentPrincipal = jPrincipal;
try
{
TestDeveloper();
TestSucker();
}
catch(Exception ex)
{
Console.WriteLine(ex.GetType().ToString() + " caused by " + Thread.CurrentPrincipal.Identity.Name);
}
try
{
PrincipalPermission pp = new PrincipalPermission("Joey", "Developer");
pp.Demand();
Console.WriteLine(Thread.CurrentPrincipal.Identity.Name + " is indeed a developer.");
pp = new PrincipalPermission("Joey", "Sucker");
pp.Demand();
}
catch
{
Console.WriteLine(Thread.CurrentPrincipal.Identity.Name + " is indeed not a sucker.");
}
Console.Read();
}
[PrincipalPermissionAttribute(SecurityAction.Demand, Role = "Developer")]
private static void TestDeveloper()
{
Console.WriteLine(Thread.CurrentPrincipal.Identity.Name + " is a developer.");
}
[PrincipalPermissionAttribute(SecurityAction.Demand, Role = "Sucker")]
private static void TestSucker()
{
Console.WriteLine(Thread.CurrentPrincipal.Identity.Name + " is a sucker.");
}
}
}
