Private full trust proxy

Einem Kunden von uns wollte nicht, dass ein FullTrustProxy für andere Anwendungen erreichbar ist. Deshalb wird zukünftig der Proxy wie folgt gesichert. Der Text soll in den Development Guidelines des Kunden ergänzt werden und ist deshalb in Englisch verfasst.

In your projects you don’t want your full trust proxy to be accessible for other solutions. This would be a security issue. To secure your full trust proxy so that it can only be used by your application you have to provision your proxy arguments in a separate (common) assembly and mark the argument type with the internal modifier. To use these arguments in the farm- and sandboxed solutions you have to add the InternalsVisibleToAttribute to the common assembly. The attribute is added to the Properties.cs like this:

[assembly: InternalsVisibleTo("AssemblyName, PublicKey=…")]

You can get the public key by using the tool sn.exe with the option –Tp:

sn.exe –Tp assembly.dll

In your proxy you can then evaluate the arguments by checking their type against you internal type:

var convertedArgs = args as MyArgs;
if (convertedArgs == null)
    throw new SecurityException("This proxy operation can only be called with 'MyArgs'.")

The common assembly must be packaged in the farm and in the sandboxed solution.

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

writeabout.net

DevOps, GitHub, Git, .Net, Azure, Scrum

Private full trust proxy

Leave a Reply Cancel reply

Share this:

Like this:

Leave a Reply Cancel reply