<system.web>
<compilation debug="true"
targetFramework="4.0" />
<httpRuntime requestPathInvalidCharacters="" />
<authentication mode="Forms" />
<membership defaultProvider=">
<providers>
<clear />
<add name="ANSMP"
type="Test.Authentication.CustomMembershipProvider"
connectionStringName="DataConnection" />
</providers>
</membership>
<roleManager enabled="true"
defaultProvider="ANSRP">
<providers >
<clear />
<add connectionStringName="DataConnection"
applicationName="/"
name="ANSRP"
type="Test.Authentication.CustomRoleProvider" />
</providers>
</roleManager>
</system.web>
<system.serviceModel>
<behaviours>
<serviceBehaviors>
<behavior name="TestDataBehaviour">
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="MembershipProvider"
membershipProviderName="ANSMP"/>
</serviceCredentials>
<serviceMetadata httpGetEnabled="true"
httpsGetEnabled="true" />
<serviceAuthorization principalPermissionMode="UseAspNetRoles"
roleProviderName="ANSRP" />
<dataContractSerializer ignoreExtensionDataObject="true" />
<serviceDebug httpHelpPageBinding="webHttpBinding"
httpHelpPageBindingConfiguration=""
includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviour>
</behaviors>
</system.serviceModel>
Assuming that I leave my custom membership provider and custom role providwer empty (Asin, all methods throw NotImplementedException
); I would expect a error when I attempt to check a role using [PrinciplePermission(SecurityAction.Demand, Role = "Custom")]
or var b = Thread.CurrentPrincipal.IsInRole("Custom")]
However instead it just keeps returning Access is denied
(on the attribute) and false
on the field.
Using Membership.GetAllUsers()
actually does give me a NotImplementedError
.. but how can I make sure that when I use a PrincipalPermission Attribute that it triggers my custom role provider and my custom membership provider?
Edit
I've tried adding , Test.Authentication
to the type of the membership provider as well as the role provider...
However currently PrinciplePermission tells me Request for principal permission failed
Edit 2
When checking my trace logs I found the following:
The action that failed was:
Demand
The type of the first permission that failed was:
System.Security.Permissions.PrincipalPermission
The first permission that failed was:
<IPermission class="System.Security.Permissions.PrincipalPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1">
<Identity Authenticated="true"
Role="Customer"/>
</IPermission>
The demand was for:
<IPermission class="System.Security.Permissions.PrincipalPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1">
<Identity Authenticated="true"
Role="Customer"/>
</IPermission>
The assembly or AppDomain that failed was:
mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
I'm also getting a fair few Extension type not found
warnings
<TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Warning">
<TraceIdentifier>http://msdn.microsoft.com/nl-NL/library/System.ServiceModel.ExtensionTypeNotFound.aspx</TraceIdentifier>
<Description>Extension type not found.</Description>
<AppDomain>/LM/W3SVC/1/ROOT/webapi3-6-130082517071825580</AppDomain>
<ExtendedData xmlns="http://schemas.microsoft.com/2006/08/ServiceModel/DictionaryTraceRecord">
<ExtensionName>pollingDuplexHttpBinding</ExtensionName>
<ExtensionType>System.ServiceModel.Configuration.PollingDuplexHttpBindingCollectionElement, System.ServiceModel.PollingDuplex, version=3.0.0.0, Culture=neutral</ExtensionType>
</ExtendedData>
</TraceRecord>