
Request for principal permission failed

Author
24 Apr 2007 6:48 PM
Bruce Parker
I have an issue that is making no sense.  I have code that sets up code
access security.  In my Windows Form application, I am able to create
an instance of the user control "Requisition" with no exceptions if the user
has the proper role:
<Security.Permissions.PrincipalPermissionAttribute(Security.Permissions.SecurityAction.Demand, Role:="Application Administrator")> _
Public Class Requisition
   Inherits System.Windows.Forms.UserControl



Using this exact same code in the exact same way fails when I try to create
the user control in a WPF Application.  I get a "Request for principal
permission failed" exception message.


I am performing the following code:
System.AppDomain.CurrentDomain.SetPrincipalPolicy(Security.Principal.PrincipalPolicy.WindowsPrincipal)

mPrincipal = System.Threading.Thread.CurrentPrincipal
mUserPrincipalIdentity = mPrincipal.Identity

principalIdentityName = mUserPrincipalIdentity.Name.Split("\")

If principalIdentityName.Length >= 1 Then
    principalIdentityUserName = principalIdentityName(principalIdentityName.Length - 1)
End If

Dim roles As New Roles()
Dim roleCollection As RoleCollection
Dim rolesArray As String()
Dim applicationIdentity As Security.Principal.GenericIdentity

roleCollection = roles.FindByEmployeeId(employeeId)

ReDim rolesArray(roleCollection.Count - 1)

Dim x As Integer
x = 0
For Each role As Role In roleCollection
     rolesArray(x) = role.Name
     x += 1
Next

' Create generic identity.
applicationIdentity = New Security.Principal.GenericIdentity(principalIdentityUserName)

' Create generic principal.
mApplicationPrincipal = New Security.Principal.GenericPrincipal(applicationIdentity, rolesArray)

'set the thread to run under this new identity
System.Threading.Thread.CurrentPrincipal = mApplicationPrincipal

Author
25 Apr 2007 11:05 AM
Linda Liu [MSFT]
Hi,

This is a quick note to let you know that I am performing research on this
issue and will get back to you ASAP.

I appreciate your patience!

Sincerely,
Linda Liu
Microsoft Online Community Support

Author
28 Apr 2007 12:25 PM
Linda Liu [MSFT]
Hi,

I performed a test on this issue, but didn't reproduce the problem on my
part.

I create a WinForm application and add a UserControl into it. I add a
public method in the UserControl and adorn the PrincipalPermissionAttribute
on the UserControl. The code of the user control is like below:

using System.Security.Permissions;

[PrincipalPermission(SecurityAction.Demand, Name = "linda", Role = "Administrators")]
class UserControl1 : UserControl
{
    public void Method()
    {
        MessageBox.Show("Method in UserControl");
    }
}

In the static Main method, I add the following code before Application.Run
method is called:
AppDomain.CurrentDomain.SetPrincipalPolicy(System.Security.Principal.PrincipalPolicy.WindowsPrincipal);

I add a Button on the form and handle the button's Click event handler as
follows:

private void button1_Click(object sender, EventArgs e)
  {
        UserControl1 uc = new UserControl1();
        uc.Method();
  }
Build and run the application.  When I run the application on Windows XP
(on which I log as linda and the user 'linda' is in the Administrators
group on the machine) and click the button on the form, a messagebox pops
up without any question.

Then I run the application on Windows Vista (on which I log as linda and the
user 'linda' is in the Administrator group on the machine) and click the
button on the form. At this time, I get an exception 'Request for principal
permission failed'. If I run the application as Administrators, all works
without problems.

Then I add the following code in the button's Click event handler:

private void button1_Click(object sender, EventArgs e)
  {
        GenericIdentity gi = new GenericIdentity("linda");
        GenericPrincipal gp = new GenericPrincipal(gi, new string[] { "Administrators" });

        Thread.CurrentPrincipal = gp;
        UserControl1 uc = new UserControl1();
        uc.Method();
  }

In this case, the application runs on behalf of the user 'linda' with the
role 'Administrators'. Now I can run this application on Windows Vista
without running it as Administrators.

I perform a test in a WPF Windows application on almost the same code and
see the same result. In my WPF test project, I add the code
'AppDomain.CurrentDomain.SetPrincipalPolicy(System.Security.Principal.PrincipalPolicy.WindowsPrincipal);'
in the static Main method within the App.g.cs file.

FYI, to open the App.g.cs file, double-click the App.xaml.cs under the
App.xaml node in the Solution Explorer. In the code editor, select Main
from the top right combobox and then you will navigate to the App.g.cs file.

Is there any difference between your projects and mine?

Sincerely,
Linda Liu
Microsoft Online Community Support
Author
30 Apr 2007 2:46 PM
Bruce Parker
Thanks for the reply,

The difference between my application and yours is I set up the generic
principal in the WPF form that is specified in the StartupUri in App.xaml.  I
have a Canvas layout section on the WPF form.  This gets filled with a WPF
control initially.  When a user selects a menu item, I remove the WPF control
and attempt to create the user control.  Let me try moving my generic
principal to static main and see if this makes a difference.  I will let you
know the results.

Author
3 May 2007 8:02 AM
Linda Liu [MSFT]
Hi,

Thank you for your reply.

Have you tried moving the generic principal to the static Main method in
your WPF Windows application? How about the problem now?

If you need our further assistance, please feel free to let me know.

Thank you for using our MSDN Managed Newsgroup Support Service!

Sincerely,
Linda Liu
Microsoft Online Community Support
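
Added example, not part of any post in this thread: a PrincipalPermission demand is evaluated against whatever Thread.CurrentPrincipal holds on the calling thread at the moment of the demand, so a diagnostic that runs the same demand imperatively and reports the principal it saw narrows down a "Request for principal permission failed" error. The class name PrincipalDemandCheck, the helper TryDemand and the user name "bruce" are assumptions for illustration; the code targets the .NET Framework.

```csharp
using System;
using System.Security;
using System.Security.Permissions;
using System.Security.Principal;
using System.Threading;

static class PrincipalDemandCheck   // hypothetical name
{
    // Role name from the attribute in the first post.
    const string Role = "Application Administrator";

    // Imperative form of the declarative demand. Returns null when the demand
    // passes, otherwise a description of the principal that failed it.
    static string TryDemand(string role)
    {
        IPrincipal p = Thread.CurrentPrincipal;
        try
        {
            new PrincipalPermission(null, role).Demand();   // null name = any user
            return null;
        }
        catch (SecurityException)
        {
            return string.Format("{0} '{1}' authenticated={2} IsInRole(\"{3}\")={4}",
                p.GetType().Name, p.Identity.Name, p.Identity.IsAuthenticated,
                role, p.IsInRole(role));
        }
    }

    static void Main()
    {
        AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);

        // Still the WindowsPrincipal of the logged-on user: the application
        // role is not a Windows group, so the demand is expected to fail.
        Console.WriteLine("before: " + (TryDemand(Role) ?? "demand passed"));

        // Attach the application principal on this thread, as both posts do.
        var identity = new GenericIdentity("bruce");   // constructed user name
        Thread.CurrentPrincipal = new GenericPrincipal(identity, new[] { Role });
        Console.WriteLine("after:  " + (TryDemand(Role) ?? "demand passed"));
    }
}
```

Calling a helper like TryDemand immediately before the line that constructs the protected control shows whether the thread still carries the WindowsPrincipal or the GenericPrincipal at that point.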
