SecurityCallContext Class
.NET Framework 3.0
Describes the chain of callers leading up to the current method call.
Namespace: System.EnterpriseServices
Assembly: System.EnterpriseServices (in system.enterpriseservices.dll)
Assembly: System.EnterpriseServices (in system.enterpriseservices.dll)
The following code example demonstrates the use of the SecurityCallContext class to interrogate the security context of calls to the methods of a ServicedComponent class.
// Accept a constructor string. [ConstructionEnabled] public class EmployeeInformation : ServicedComponent { // The employee's user name and salary. private string accountName; private double salary = 0; // Get the employee's name. All users can call this method. public string GetName () { return(accountName); } // Set the employee's salary. Only managers can do this. public void SetSalary (double ammount) { if (SecurityCallContext.CurrentCall.IsCallerInRole("Manager")) { salary = ammount; } else { throw new UnauthorizedAccessException(); } } // Get the employee's salary. Only the employee and managers can do this. public double GetSalary () { if ( SecurityCallContext.CurrentCall.DirectCaller.AccountName == accountName || SecurityCallContext.CurrentCall.IsCallerInRole("Manager") ) { return(salary); } else { throw new UnauthorizedAccessException(); } } // Use the constructor string. // This method is called when the object is instantiated. protected override void Construct (string constructorString) { accountName = constructorString; } }
// Accept a constructor string.
/** @attribute ConstructionEnabled()
*/
public class EmployeeInformation extends ServicedComponent
{
// The employee's user name and salary.
private String accountName;
private double salary = 0;
// Get the employee's name. All users can call this method.
public String GetName()
{
return accountName;
} //GetName
// Set the employee's salary. Only managers can do this.
public void SetSalary(double ammount)
throws System.UnauthorizedAccessException
{
if (SecurityCallContext.get_CurrentCall().IsCallerInRole("Manager")) {
salary = ammount;
}
else {
throw new UnauthorizedAccessException();
}
} //SetSalary
// Get the employee's salary. Only the employee and managers can do this.
public double GetSalary() throws System.UnauthorizedAccessException
{
if (SecurityCallContext.get_CurrentCall().get_DirectCaller().
get_AccountName().Equals(accountName)
|| SecurityCallContext.get_CurrentCall().
IsCallerInRole("Manager")) {
return salary;
}
else {
throw new UnauthorizedAccessException();
}
} //GetSalary
// Use the constructor string.
// This method is called when the object is instantiated.
protected void Construct(String constructorString)
{
accountName = constructorString;
} //Construct
} //EmployeeInformation
Community Additions
ADD
Show: