Archive for the ‘.NET’ Category


Using .NET Code Access Security (CAS)

March 13, 2007

The Common Language Runtime allows code to perform only the operations it is permitted to execute. This prevents unauthorized access to protected resources and also protects the code itself. That is why we use Code Access Security. With it we can restrict our own code from performing certain kinds of operations and/or restrict other code from performing them. For this we use permission sets, which are collections of permissions. The permission can be: Full Trust, Local Intranet, Internet, Execution and Nothing.

  • Full Trust means that the code can be executed on every system which can access this code. This means that the code is unrestricted.
  • Local Intranet – the code can be executed from machines which can execute code over the same LAN.
  • Internet – Internet restrictions apply when executing this code.
  • Execution – this code can only be run, but the remote process cannot access the resources.
  • Nothing – this code cannot be executed even from our own machine.

A permission set can include more than one of these permissions, except Full Trust, because it includes all of the others. The .NET Configuration Tool allows you to create other permissions.

Security policy is a configurable set of rules that the CLR uses to determine the permission level to grant to code. It can be Enterprise, Machine, User and Application Domain. These levels are independent of each other and mark the level on which the code can be used.

Here are some code snippets which we can use when we need to work with Code Access Security:

How to get the permission sets of the current machine programmatically: first we need to define the policy level from which we want to get the permission sets. We can use the System.Security.SecurityManager class.

    using System;
    using System.Collections;
    using System.Security;
    using System.Security.Policy;

    // Walk the policy levels known to the runtime.
    IEnumerator policyEnumerator = SecurityManager.PolicyHierarchy();
    while (policyEnumerator.MoveNext())
    {
        PolicyLevel currentLevel = (PolicyLevel)policyEnumerator.Current;
        if (currentLevel.Label == "Machine")
        {
            // Iterate through the permission sets at the Machine level.
            IList namedPermissions = currentLevel.NamedPermissionSets;
            IEnumerator namedPermission = namedPermissions.GetEnumerator();
            // Locate the named permission set.
            while (namedPermission.MoveNext())
            {
                // Write the name of the permission set to the console.
                Console.WriteLine(((NamedPermissionSet)namedPermission.Current).Name);
            }
        }
    }

How we can set permissions programmatically:

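    using System.Security;
    using System.Security.Permissions;

    // Start from an empty set and add read/write access to a single file.
    PermissionSet ps = new PermissionSet(PermissionState.None);
    ps.AddPermission(new FileIOPermission(
        FileIOPermissionAccess.Read | FileIOPermissionAccess.Write, "C:\\MyFile.txt"));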
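
The permission set above has no effect until it is applied to a stack frame. As an added example (not code from the original post), the program below applies it with PermitOnly() and checks which paths a file permission demand then accepts. It assumes the .NET Framework, where CAS stack walks are enforced; the helper IsAllowed and the path C:\Other.txt are made up for the illustration.

```csharp
using System;
using System.Security;
using System.Security.Permissions;

static class CasPermitOnlyDemo
{
    // Hypothetical helper: makes the same kind of demand the framework's file
    // APIs make before touching a path. Demand() starts its stack walk at the
    // caller of this method, so a PermitOnly on that caller's frame is honoured.
    static bool IsAllowed(FileIOPermissionAccess access, string path)
    {
        try
        {
            new FileIOPermission(access, path).Demand();
            return true;
        }
        catch (SecurityException)
        {
            return false;
        }
    }

    static void Main()
    {
        // Same permission set as in the post: read/write on one file only.
        PermissionSet ps = new PermissionSet(PermissionState.None);
        ps.AddPermission(new FileIOPermission(
            FileIOPermissionAccess.Read | FileIOPermissionAccess.Write,
            "C:\\MyFile.txt"));

        bool listed, other;
        ps.PermitOnly();   // code called from this frame is limited to ps
        try
        {
            listed = IsAllowed(FileIOPermissionAccess.Read, "C:\\MyFile.txt");
            other = IsAllowed(FileIOPermissionAccess.Read, "C:\\Other.txt"); // constructed path
        }
        finally
        {
            CodeAccessPermission.RevertPermitOnly();   // lift the restriction
        }

        // Print only after reverting, so console access is not restricted.
        Console.WriteLine("C:\\MyFile.txt allowed: " + listed);
        Console.WriteLine("C:\\Other.txt allowed: " + other);
    }
}
```

The demand is made in a separate method on purpose: a demand issued directly in the frame that called PermitOnly() would skip that frame and never see the restriction.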

These are the basic principles of Code Access Security.


The principle of .NET Remoting

March 1, 2007

Remoting is a mechanism for communication between two or more applications. This technology is the successor of DCOM, but Remoting is universal, secure and more flexible. It is also possible to exchange data between two parts of one application isolated in separate ApplicationDomains. In .NET every process is started in its own ApplicationDomain, but it is possible to have several ApplicationDomains in one process and vice versa. This organisation is used in IIS, where many web applications are started in one process, aspnet_wp, but can be managed independently of each other. This is because every web application has its own ApplicationDomain, which keeps it isolated from other web sites.

This technology is organised around communication via channels. There are 3 types of channels: TcpChannel, HttpChannel and SoapChannel. The type of channel depends on the network, the application type … The main principle is that an instance of a class that inherits from MarshalByRefObject is created in the ApplicationDomain of the application which has the data (the server), and this object can be accessed through the created channel from the application which needs the data (the client).

In some cases it is possible to replace Remoting with Web Services, because the mechanism is similar, but there are some big differences, and in some cases Remoting is the only possible way to do something:

  • Web services can be accessed only over the HTTP protocol; Remoting can work across any protocol.
  • Web services work in stateless mode. Each time a client needs the service, a new object is created in the web service, but in Remoting one object can be used by many requests from one client.
  • Web services serialize objects through XML; .NET Remoting relies on the existence of CLR assemblies that contain information about the types.
  • Web services can be used from applications built on different technologies; Remoting requires .NET.

How to process GIF images with GDI+ and .NET

February 27, 2007

Working with images in .NET is an easy process, especially when using GDI+. For this purpose we need to include the System.Drawing namespace and use the Image, Bitmap and Graphics classes. This is fine with jpeg, png, bmp … but it is not so easy to manipulate GIF images. This is because GIFs use indexed pixels, and when we try to save the image to a file it is saved with 8 bits per pixel compression. This makes the image which was just saved look bad. One way to get around this issue is as follows:

  1. Get width and height of the original picture
  2. Create a bitmap object in code with the same width and height as the original image and max resolution (64 bpp)
  3. Create Graphics object with this non-indexed image
  4. Set CompositingQuality as high on graphics object
  5. Load original gif image as unscaled image in graphics object

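    // Requires: using System.Drawing; using System.Drawing.Drawing2D; using System.Drawing.Imaging;
    // oImage is the original GIF, already loaded as a System.Drawing.Image.
    int nWidth = oImage.Width;
    int nHeight = oImage.Height;
    Bitmap oNonIndexec = new Bitmap(nWidth, nHeight, PixelFormat.Format64bppPArgb);
    // SetResolution takes DPI values; match the source so the unscaled draw copies pixel for pixel.
    oNonIndexec.SetResolution(oImage.HorizontalResolution, oImage.VerticalResolution);
    Graphics oGraphics = Graphics.FromImage(oNonIndexec);
    oGraphics.CompositingQuality = CompositingQuality.HighQuality;
    oGraphics.DrawImageUnscaled(oImage, 0, 0);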

This keeps the quality as high as possible when processing GIFs.