problem with Security within static new()

yh_ink posted on Tuesday, October 24, 2006

Hey guys,

I have a problem with the security.Please look at the following code below.

public static Address New()

{

if(!Thread.CurrentPrincipal.Identity.IsAuthenticated)

throw new System.Security.SecurityException("User not authorized");

return (Address)DataPortal.Create(new Criteria(0));

}

When run my application it  displays execption.What is going on ???the user is a valid user.

with out checking for user authentication above  if i just add the following in the static method to check for authentication

public override BusinessBase Save()

{

if (IsDeleted)

{

System.Security.Principal.IIdentity user = Thread.CurrentPrincipal.Identity;

bool b = user.IsAuthenticated;

if (!Thread.CurrentPrincipal.Identity.IsAuthenticated)

throw new System.Security.SecurityException("User not authorized to Delete");

}

else

{

if (!Thread.CurrentPrincipal.Identity.IsAuthenticated)

throw new System.Security.SecurityException("User not authorized to add or update ");

}

return base.Save();

}

This works perfectly fine. and perimts if the user is authenticated.

I just want to know whats going on in my static New() method.

I have looked at the project example from the book which lets us know how security is implemented.

ajj3085 replied on Wednesday, October 25, 2006

By default, threads get a GenericPrincipal, and IsAuthenticated is false.

Exactly what kind of principal object are you getting when the security check is failing?

SonOfPirate replied on Wednesday, October 25, 2006

The other thing to remember is that static constructors get called BEFORE anything else in the class AND only once when the first instance is created.  IMO, you may want to rethink what you are doing.  But, either way, keep in mind the order of execution because it may be that this is executing before the code you set the CurrentPrincipal to your user/principal object.  If not, then review your previous post in regards to your authentication problems and Andy's inquiry as they are both pointing at the same possible cause.

 

yh_ink replied on Wednesday, October 25, 2006

Then how do you think i should implement the security to my class.In the project class of csla book it was mentioned to do the way i did.I am using earlier version of csla not the latest 2.0 And for security is that override save method enough to check for security.Please let me know...

ajj3085 replied on Wednesday, October 25, 2006

Your checks are fine, you just need to ensure that the Thread.CurrentPrincipal is the type you think it is. By default when you run a .Net app, its GenericPrincipal, which I don't think ever returns true for IsAuthenticated.  Put a breakpoint on the security check that fails and look at what kind of Principal is in the Thread.CurrentPrincipal.

yh_ink replied on Wednesday, October 25, 2006

I looked at the Thread.CurrentPrincipal

In the first case it refers to system.security.principal.GenericIdentity which determines false.

In the Override Save() method it refers to CSLA.Security.BusinessPrincipal which determines true

How should i solve this????

 

guyroch replied on Wednesday, October 25, 2006

You did create your own Identity/Principal pair, right?  Perhaps including both these classes would help us troubleshooting this.  It looks to me that you are not authenticated (even though you seem to think you are) because your Thread.CurrentIdentity is of type GenericIdentity.

You must remember that the data portal does not care if you're authenticated or not, it just cares that the Identity/Principal pair is of the right type, and GenericIdentity is definitly not the right type.

Hope this helps

SonOfPirate replied on Thursday, October 26, 2006

The reason this is occuring is because the static constructor is executing BEFORE you set the current thread's principal to your custom object.  Somewhere after this constructor runs and before your Save method is called, you are setting Thread.CurrentPrincipal to your custom principal. this is evident by the change in type in each method.

Again, I urge you to take a closer look at what you are trying to accomplish and the order of operations that is actually taking place.  A static constructor only executes once for each type and only when the first instance of that type is instantiated.  Furthermore, it executes before any other code in that class.  Search for ".NET static constructors" online and you'll find more than enough articles about the topic to learn more.

Somewhere, presumably in some kind of a login method, you are setting the principal object.  This is obviously taking place AFTER you are creating the first instance of this class so that the Principal, and thereby Identity, that you are getting from the thread is the GenericIdentity which is unauthenticated.  You have verified this yourself already.

So, trace the steps the app follows and see when and where you are setting the principal to the correct object and alter your code to adjust.

FWIW, I'm not sure I agree with throwing an exception just because your application attempted to access this class when executing with an unauthenticated user.  The better approach is to throw the exception when the user tries to do something with the class, such as calling Save or some other property/method.  What you are doing is preventing your code from making use of this class.  The purpose of these security measures is prevent access by your users, not block your code.  Use a LicenseProvider if you are trying to enfore licensing on your components.

Hope that helps.