1

I am trying to implement security in my application. I made a project in visual studio to test this out. This works. This is the project to give you an idea of how I am using it https://www.dropbox.com/s/4dyhmqe5kntbcvy/Principalpsermission.zip?v=0mcns

But when I apply those things to my real application in the same manner, it fails on mscorlib.dll (When calling the Demand method).

So I'm thinking there might be a clue in here: http://msdn.microsoft.com/en-us/library/9kc0c6st.aspx , but I have no idea how to fix it.

Code:

SecurityController.cs

public static void initializeSecurity() {
        // Create generic identity.

        GenericIdentity MyIdentity = new GenericIdentity(ZaccociaLibrary.Properties.Settings.Default.CurrentUserName);

        // Create generic principal.
        String[] MyRolesArray = { ZaccociaLibrary.Properties.Settings.Default.CurrentUserRole };  //Welke roles heeft de user

        // Attach the principal to the current thread.
        // This is not required unless repeated validation must occur,
        // other code in your application must validate, or the 
        // PrincipalPermisson object is used. 
        Thread.CurrentPrincipal = MyPrincipal; 
    }

FrmLogin

    private void btnLogin_Click(object sender, EventArgs e)
    {
        picLoading.Visible = true;
        Account t = new Account("","",txtPassword.Text, txtUsername.Text);
        Task taskServer = Task.Factory.StartNew(() =>
        {
            data = AccountController.GetLogin(t);
        });
        Task UITaskServer = taskServer.ContinueWith(delegate { onLoginCheckComplete(); },
        TaskScheduler.FromCurrentSynchronizationContext());
    }

    private void onLoginCheckComplete()
    {
        picLoading.Visible = false;
        //Copy accountsettings to local settings
        LocalSettingsController.copyDatabaseUserDataToLocalSettings(data); 
        if (data.Count() > 0)
        {
            SecurityController.initializeSecurity();
            Form formMDI = new FrmMDi();
            formMDI.Show();
            this.Hide();
        }
    }

LocalSettingsController.cs

    public static void copyDatabaseUserDataToLocalSettings(string[][] data)
    {
        if (data.Count() > 0)
        {
            //Get data from SP-lookupAccount results on login
            ZaccociaLibrary.Properties.Settings.Default.CurrentUserID = Convert.ToInt32(data[0][0]);
            ZaccociaLibrary.Properties.Settings.Default.CurrentUserName = data[0][1];
            ZaccociaLibrary.Properties.Settings.Default.CurrentUserPassword = data[0][2];
            ZaccociaLibrary.Properties.Settings.Default.CurrentUserLanguage = data[0][8];
            ZaccociaLibrary.Properties.Settings.Default.CurrentUserAccountGroup = data[0][9];
            ZaccociaLibrary.Properties.Settings.Default.CurrentUserRole = data[0][10];
        }
    }

FrmMDi: Errors here even if Role is correct for logged in user

    [PrincipalPermission(SecurityAction.Demand, Role = "Administrator")]
    [PrincipalPermission(SecurityAction.Demand, Role = "Employee")]
    private void formProductManagement()
    {
        Form oForm = childExists("FrmProductManagement");
        if (oForm == null)
        {
            FrmProductManagement NewProdForm = new FrmProductManagement();
            NewProdForm.MdiParent = this;
            NewProdForm.Show();
            NewProdForm.Activate();
        }
    }

Stack:

A first chance exception of type 'System.Security.SecurityException' occurred in mscorlib.dll
System.Transactions Critical: 0 : <TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Critical"><TraceIdentifier>http://msdn.microsoft.com/TraceCodes/System/ActivityTracing/2004/07/Reliability/Exception/Unhandled</TraceIdentifier><Description>Unhandled exception</Description><AppDomain>ZaccociaView.vshost.exe</AppDomain><Exception><ExceptionType>System.Security.SecurityException, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType><Message>Request for principal permission failed.</Message><StackTrace>   at System.Security.Permissions.PrincipalPermission.ThrowSecurityException()
   at System.Security.Permissions.PrincipalPermission.Demand()
   at System.Security.PermissionSet.DemandNonCAS()
   at ZaccociaView.PresentationLayer.View.FrmMDi.formClubManagement() in c:\Users\Tim\Documents\Visual Studio 2012\Projects\Zacoccia\Zaccocia\ZaccociaForm\PresentationLayer\View\FrmMDi.cs:line 243
   at ZaccociaView.PresentationLayer.View.FrmMDi.Frm_MDI_Click(Object sender, EventArgs e) in c:\Users\Tim\Documents\Visual Studio 2012\Projects\Zacoccia\Zaccocia\ZaccociaForm\PresentationLayer\View\FrmMDi.cs:line 63
   at System.Windows.Forms.ToolStripItem.RaiseEvent(Object key, EventArgs e)
   at System.Windows.Forms.ToolStripMenuItem.OnClick(EventArgs e)
   at System.Windows.Forms.ToolStripItem.HandleClick(EventArgs e)
   at System.Windows.Forms.ToolStripItem.HandleMouseUp(MouseEventArgs e)
   at System.Windows.Forms.ToolStripItem.FireEventInteractive(EventArgs e, ToolStripItemEventType met)
   at System.Windows.Forms.ToolStripItem.FireEvent(EventArgs e, ToolStripItemEventType met)
   at System.Windows.Forms.ToolStrip.OnMouseUp(MouseEventArgs mea)
   at System.Windows.Forms.Control.WmMouseUp(Message&amp;amp; m, MouseButtons button, Int32 clicks)
   at System.Windows.Forms.Control.WndProc(Message&amp;amp; m)
   at System.Windows.Forms.ScrollableControl.WndProc(Message&amp;amp; m)
   at System.Windows.Forms.ToolStrip.WndProc(Message&amp;amp; m)
   at System.Windows.Forms.MenuStrip.WndProc(Message&amp;amp; m)
   at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message&amp;amp; m)
   at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message&amp;amp; m)
   at System.Windows.Forms.NativeWindow.DebuggableCallback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
   at System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG&amp;amp; msg)
   at System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr dwComponentID, Int32 reason, Int32 pvLoopData)
   at System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
   at System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
   at System.Windows.Forms.Application.Run(Form mainForm)
   at ZaccociaView.Program.Main() in c:\Users\Tim\Documents\Visual Studio 2012\Projects\Zacoccia\Zaccocia\ZaccociaForm\Program.cs:line 19
   at System.AppDomain._nExecuteAssembly(RuntimeAssembly assembly, String[] args)
   at System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args)
   at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
   at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Threading.ThreadHelper.ThreadStart()</StackTrace><ExceptionString>System.Security.SecurityException: Request for principal permission failed.
   at System.Security.Permissions.PrincipalPermission.ThrowSecurityException()
   at System.Security.Permissions.PrincipalPermission.Demand()
   at System.Security.PermissionSet.DemandNonCAS()
   at ZaccociaView.PresentationLayer.View.FrmMDi.formClubManagement() in c:\Users\Tim\Documents\Visual Studio 2012\Projects\Zacoccia\Zaccocia\ZaccociaForm\PresentationLayer\View\FrmMDi.cs:line 243
   at ZaccociaView.PresentationLayer.View.FrmMDi.Frm_MDI_Click(Object sender, EventArgs e) in c:\Users\Tim\Documents\Visual Studio 2012\Projects\Zacoccia\Zaccocia\ZaccociaForm\PresentationLayer\View\FrmMDi.cs:line 63
   at System.Windows.Forms.ToolStripItem.RaiseEvent(Object key, EventArgs e)
   at System.Windows.Forms.ToolStripMenuItem.OnClick(EventArgs e)
   at System.Windows.Forms.ToolStripItem.HandleClick(EventArgs e)
   at System.Windows.Forms.ToolStripItem.HandleMouseUp(MouseEventArgs e)
   at System.Windows.Forms.ToolStripItem.FireEventInteractive(EventArgs e, ToolStripItemEventType met)
   at System.Windows.Forms.ToolStripItem.FireEvent(EventArgs e, ToolStripItemEventType met)
   at System.Windows.Forms.ToolStrip.OnMouseUp(MouseEventArgs mea)
   at System.Windows.Forms.Control.WmMouseUp(Message&amp;amp; m, MouseButtons button, Int32 clicks)
   at System.Windows.Forms.Control.WndProc(Message&amp;amp; m)
   at System.Windows.Forms.ScrollableControl.WndProc(Message&amp;amp; m)
   at System.Windows.Forms.ToolStrip.WndProc(Message&amp;amp; m)
   at System.Windows.Forms.MenuStrip.WndProc(Message&amp;amp; m)
   at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message&amp;amp; m)
   at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message&amp;amp; m)
   at System.Windows.Forms.NativeWindow.DebuggableCallback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
   at System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG&amp;amp; msg)
   at System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr dwComponentID, Int32 reason, Int32 pvLoopData)
   at System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
   at System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
   at System.Windows.Forms.Application.Run(Form mainForm)
   at ZaccociaView.Program.Main() in c:\Users\Tim\Documents\Visual Studio 2012\Projects\Zacoccia\Zaccocia\ZaccociaForm\Program.cs:line 19
   at System.AppDomain._nExecuteAssembly(RuntimeAssembly assembly, String[] args)
   at System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args)
   at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
   at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Threading.ThreadHelper.ThreadStart()
The action that failed was:
Demand
The type of the first permission that failed was:
System.Security.Permissions.PrincipalPermission
The first permission that failed was:
&amp;lt;IPermission class="System.Security.Permissions.PrincipalPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"&amp;gt;
&amp;lt;Identity Authenticated="true"
Role="Club"/&amp;gt;
&amp;lt;Identity Authenticated="true"
Role="Employee"/&amp;gt;
&amp;lt;Identity Authenticated="true"
Role="Administrator"/&amp;gt;
&amp;lt;/IPermission&amp;gt;

The demand was for:
&amp;lt;IPermission class="System.Security.Permissions.PrincipalPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"&amp;gt;
&amp;lt;Identity Authenticated="true"
Role="Club"/&amp;gt;
&amp;lt;Identity Authenticated="true"
Role="Employee"/&amp;gt;
&amp;lt;Identity Authenticated="true"
Role="Administrator"/&amp;gt;
&amp;lt;/IPermission&amp;gt;

The assembly or AppDomain that failed was:
mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionString></Exception></TraceRecord>

Anyone got an idea?

Thanks in advance.

Tim D'hoe
  • 33
  • 5
  • It doesn't fail in mscorlib, it fails in your formClubManagement constructor. Mscorlib is merely the messenger that reports the problem. Nobody can see your code, you cannot get help without it. – Hans Passant May 17 '13 at 13:52
  • Oh, ok. Well I added code – Tim D'hoe May 17 '13 at 14:51

0 Answers0