Exercise 2: Using RBS Demands in .NET

Encoding QR Code JIS X 0510 in .NET Exercise 2: Using RBS Demands

Exercise 2: Using RBS Demands
QR-Code Maker In VS .NET
Using Barcode printer for Visual Studio .NET Control to generate, create QR image in VS .NET applications.
www.OnBarcode.com
Quick Response Code Scanner In Visual Studio .NET
Using Barcode recognizer for .NET Control to read, scan read, scan image in .NET applications.
www.OnBarcode.com
1. How will you to hide the buttons that are inaccessible to users
Printing Bar Code In .NET Framework
Using Barcode drawer for Visual Studio .NET Control to generate, create bar code image in .NET applications.
www.OnBarcode.com
Barcode Decoder In .NET
Using Barcode recognizer for .NET Control to read, scan read, scan image in .NET framework applications.
www.OnBarcode.com
Create a WindowsPrincipal object based on the current user, and then use the WindowsPrincipal .IsInRole method to check the user s group memberships when the form is initialized. Based on those memberships, set the Visible state of the inaccessible buttons to false. For the Divide button, create a WindowsIdentity object based on the current user, and verify that the WindowsIdentity.Name value is equal to COMPUTERNAME\CPhilp.
QR Creator In C#
Using Barcode creator for VS .NET Control to generate, create QR Code ISO/IEC18004 image in Visual Studio .NET applications.
www.OnBarcode.com
Drawing QR-Code In .NET
Using Barcode encoder for ASP.NET Control to generate, create QR Code 2d barcode image in ASP.NET applications.
www.OnBarcode.com
Questions and Answers
Drawing QR Code 2d Barcode In Visual Basic .NET
Using Barcode maker for VS .NET Control to generate, create Quick Response Code image in Visual Studio .NET applications.
www.OnBarcode.com
Creating Code 3 Of 9 In .NET
Using Barcode printer for Visual Studio .NET Control to generate, create Code-39 image in .NET applications.
www.OnBarcode.com
5-55
Matrix 2D Barcode Generator In .NET
Using Barcode encoder for Visual Studio .NET Control to generate, create Matrix 2D Barcode image in VS .NET applications.
www.OnBarcode.com
Bar Code Creation In VS .NET
Using Barcode maker for .NET Control to generate, create barcode image in VS .NET applications.
www.OnBarcode.com
2. Which techniques will you use to protect each of the addButton_Click, subtractButton_Click, divideButton_Click, and multiply methods
UCC - 12 Generator In .NET Framework
Using Barcode drawer for VS .NET Control to generate, create UCC-128 image in VS .NET applications.
www.OnBarcode.com
Generate International Standard Book Number In VS .NET
Using Barcode generation for .NET framework Control to generate, create ISBN image in VS .NET applications.
www.OnBarcode.com
You should:
ECC200 Creation In Objective-C
Using Barcode drawer for iPad Control to generate, create Data Matrix 2d barcode image in iPad applications.
www.OnBarcode.com
Generate Denso QR Bar Code In Objective-C
Using Barcode creation for iPhone Control to generate, create QR Code ISO/IEC18004 image in iPhone applications.
www.OnBarcode.com
Use imperative RBS demands to protect the addButton_Click, subtractButton_Click, and
Encoding EAN13 In None
Using Barcode generation for Microsoft Excel Control to generate, create EAN13 image in Office Excel applications.
www.OnBarcode.com
PDF 417 Recognizer In VB.NET
Using Barcode scanner for Visual Studio .NET Control to read, scan read, scan image in .NET framework applications.
www.OnBarcode.com
divideButton_Click methods, since these are called directly by Windows events.
European Article Number 13 Generation In Java
Using Barcode generator for Android Control to generate, create EAN13 image in Android applications.
www.OnBarcode.com
ECC200 Scanner In Visual C#
Using Barcode scanner for .NET framework Control to read, scan read, scan image in Visual Studio .NET applications.
www.OnBarcode.com
Use declarative RBS demands to protect the multiply method, since this method is called
Encoding Code39 In Java
Using Barcode creator for BIRT reports Control to generate, create ANSI/AIM Code 39 image in Eclipse BIRT applications.
www.OnBarcode.com
UPC-A Scanner In None
Using Barcode reader for Software Control to read, scan read, scan image in Software applications.
www.OnBarcode.com
directly by the assembly and not by a Windows event.
Catch all System.Security.SecurityException exceptions and display an ambiguous error
message to the user.
3. Open the C# or Visual Basic .NET application named RBS by using Microsoft Visual Studio .NET, and make the updates requested by the IT Manager. Show your work.
The following code will work (some code generated by Visual Studio .NET has been omitted for simplicity):
using using using using using using
System;
System.Drawing;
System.Collections;
System.ComponentModel;
System.Windows.Forms;
System.Data;
// Include Principal and Permissions namespaces for RBS functionality
using System.Security.Principal;
using System.Security.Permissions;
namespace DeclarativeRBS {
/// <summary>
/// GUI app that provides access to highly confidential algorithms.
/// </summary>
public class Form1 : System.Windows.Forms.Form {
private System.Windows.Forms.Button addButton;
private System.Windows.Forms.Button multiplyButton;
private System.Windows.Forms.Label answerLabel;
private System.Windows.Forms.TextBox integer1;
private System.Windows.Forms.TextBox integer2;
private System.Windows.Forms.Button subtractButton;
private System.Windows.Forms.Button divideButton;
private System.ComponentModel.Container components = null;
public Form1()
InitializeComponent();
// Create a WindowsIdentity object representing the current user WindowsIdentity currentIdentity = WindowsIdentity.GetCurrent();
5-56
5
Implementing Role-Based Security
// Create a WindowsPrincipal object representing the current user WindowsPrincipal currentPrincipal = new WindowsPrincipal(currentIdentity); // Set the security policy context to Windows security System.AppDomain.CurrentDomain.SetPrincipalPolicy( PrincipalPolicy.WindowsPrincipal); // Hide the subtract and multiply buttons // if the user is not an Administrator if (!currentPrincipal.IsInRole(WindowsBuiltInRole.Administrator)) { subtractButton.Visible = false;
multiplyButton.Visible = false;
// Hide the Add button if the user is not in the Users group
if (!currentPrincipal.IsInRole(WindowsBuiltInRole.User))
addButton.Visible = false;
// Hide the Divide button if the user is not named CPhilp if (!(currentIdentity.Name.ToLower() == System.Environment.MachineName.ToLower() + @"\cphilp )) { divideButton.Visible = false; } } protected override void Dispose( bool disposing ) {
if( disposing )
if (components != null)
components.Dispose();
base.Dispose( disposing );
} [STAThread]
static void Main()
Application.Run(new Form1());
private void addButton_Click(object sender, System.EventArgs e) {
// Demand that user is member of the built-in Users group // Because this method is called by a Windows event, // protect it with a imperative RBS demand
Questions and Answers
PrincipalPermission userPermission = new PrincipalPermission(null, @"BUILTIN\Users ); userPermission.Demand(); // Perform super-secret mathematical calculations int answer = (int.Parse(integer1.Text) + int.Parse(integer2.Text)); answerLabel.Text = answer.ToString(); } catch(System.Security.SecurityException ex) { // Display message box explaining access denial MessageBox.Show( You have been denied access. ); // TODO: Log error }
private void multiplyButton_Click(object sender, System.EventArgs e) {
// Perform super-secret mathematical calculations answerLabel.Text = multiply(int.Parse(integer1.Text), int.Parse(integer2.Text)).ToString(); } catch (System.Security.SecurityException ex) { // Display message box explaining access denial MessageBox.Show( You have been denied access. ); // TODO: Log error }
// Because the multiply function is not called directly from a Windows // event, protect it with a declarative RBS demand [PrincipalPermission(SecurityAction.Demand, Role = @"BUILTIN\Administrators )] private int multiply(int int1, int int2) { return int1 * int2;
private void subtractButton_Click(object sender, System.EventArgs e) {
// Demand that user is member of the built-in Administrators // group. Because this method is called by a Windows event, // protect it with a imperative RBS demand PrincipalPermission administratorPermission = new PrincipalPermission(null, @"BUILTIN\Administrators ); administratorPermission.Demand(); // Perform super-secret mathematical calculations int answer = (int.Parse(integer1.Text) - int.Parse(integer2.Text));
5-57
5-58
5
Implementing Role-Based Security
answerLabel.Text = answer.ToString(); } catch(System.Security.SecurityException ex) { // Display message box explaining access denial MessageBox.Show( You have been denied access. ); // TODO: Log error }
private void divideButton_Click(object sender, System.EventArgs e) { // Concatenate the computer and username string allowUser = System.Environment.MachineName + @"\cphilp"; try { // Demand that user has the username cphilp on the local // computer. Because this method is called by a Windows event, // protect it with a imperative RBS demand PrincipalPermission administratorPermission = new PrincipalPermission(allowUser, null); administratorPermission.Demand(); // Perform super-secret mathematical calculations Decimal answer = (Decimal.Parse(integer1.Text) / Decimal.Parse(integer2.Text)); answerLabel.Text = Decimal.Round(answer, 2).ToString(); } catch(System.Security.SecurityException ex) { // Display message box explaining access denial MessageBox.Show( You have been denied access. ); // TODO: Log error } } } }
Include Principal and Permissions namespaces for RBS functionality Imports System.Security.Principal Imports System.Security.Permissions Public Class Form1 Inherits System.Windows.Forms.Form Public Sub New()
MyBase.New()
Copyright © OnBarcode.com . All rights reserved.