public static Semaphore GetMailboxOperationSemaphore(Guid mailboxGuid, out string name)
{
name = "SiteMailboxSyncSemaphore_" + mailboxGuid.ToString();
Semaphore result;
try
{
SemaphoreSecurity semaphoreSecurity = new SemaphoreSecurity();
SemaphoreAccessRule rule = new SemaphoreAccessRule(new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null), SemaphoreRights.FullControl, AccessControlType.Allow);
semaphoreSecurity.AddAccessRule(rule);
bool flag = false;
result = new Semaphore(1, 1, name, ref flag, semaphoreSecurity);
}
catch (IOException innerException)
{
throw new StorageTransientException(new LocalizedString(string.Format("Failed to create named semaphore for mailbox {0} because of IOException", name)), innerException);
}
catch (UnauthorizedAccessException innerException2)
{
throw new StoragePermanentException(new LocalizedString(string.Format("Failed to create named semaphore for mailbox {0} because of UnauthorizedAccessException", name)), innerException2);
}
catch (WaitHandleCannotBeOpenedException innerException3)
{
throw new StoragePermanentException(new LocalizedString(string.Format("Failed to create named semaphore for mailbox {0} because of WaitHandleCannotBeOpenedException", name)), innerException3);
}
return(result);
}
static void BuildAcldSemaphoreFromConfig()
{
SemaphoreSecurity semSec = new SemaphoreSecurity();
string authorizationLocation = @".\Server\AuthorizationList.xml";
XPathDocument xpathDoc = new XPathDocument(authorizationLocation);
XPathNavigator xpathNav = xpathDoc.CreateNavigator();
xpathNav = xpathNav.SelectSingleNode("remotingAuthorization");
if (xpathNav.HasChildren)
{
xpathNav.MoveToChild(XPathNodeType.Element);
do
{
AccessControlType accessType = (AccessControlType)Enum.Parse(typeof(AccessControlType), xpathNav.Name, true);
xpathNav.MoveToAttribute("users", xpathNav.NamespaceURI);
NTAccount account = new NTAccount(xpathNav.Value);
SemaphoreAccessRule semRule = new SemaphoreAccessRule(
(IdentityReference)account,
SemaphoreRights.Synchronize,
accessType);
Console.WriteLine("{0} access for: {1}", accessType.ToString(), account.Value);
xpathNav.MoveToParent();
semSec.AddAccessRule(semRule);
} while (xpathNav.MoveToNext(XPathNodeType.Element));
}
sem.SetAccessControl(semSec);
}
private bool AreAccessRulesEqual(SemaphoreAccessRule expectedRule, SemaphoreAccessRule actualRule)
{
return
(expectedRule.AccessControlType == actualRule.AccessControlType &&
expectedRule.SemaphoreRights == actualRule.SemaphoreRights &&
expectedRule.InheritanceFlags == actualRule.InheritanceFlags &&
expectedRule.PropagationFlags == actualRule.PropagationFlags);
}
private SemaphoreSecurity GetSemaphoreSecurity(WellKnownSidType sid, SemaphoreRights rights, AccessControlType accessControl)
{
SemaphoreSecurity security = new SemaphoreSecurity();
SecurityIdentifier identity = new SecurityIdentifier(sid, null);
SemaphoreAccessRule accessRule = new SemaphoreAccessRule(identity, rights, accessControl);
security.AddAccessRule(accessRule);
return(security);
}
static Semaphore CreateGlobalSemaphoreAccessibleToEveryone(string name)
{
var semaphoreSecurity = new SemaphoreSecurity();
var everyone = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
var rule = new SemaphoreAccessRule(everyone, SemaphoreRights.FullControl, AccessControlType.Allow);
semaphoreSecurity.AddAccessRule(rule);
bool createdNew;
var semaphore = new Semaphore(1, 1, name, out createdNew, semaphoreSecurity);
return(semaphore);
}
internal static bool IsNew(string semaphoreName)
{
bool isNewInstance;
var semaphoreSecurity = new SemaphoreSecurity();
var securityIdentifier = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
var semaphoreAccessRule = new SemaphoreAccessRule(securityIdentifier, SemaphoreRights.FullControl, AccessControlType.Allow);
semaphoreSecurity.AddAccessRule(semaphoreAccessRule);
instanceSemaphore = new Semaphore(0, 1, $"Global\\{semaphoreName}", out isNewInstance, semaphoreSecurity);
return(isNewInstance);
}
public static Semaphore CreateAndGetNamedSemaphore(string accessUserName, string semaphoreName)
{
Semaphore resultSemaphore = null;
string truncatedCreateSemaphoreName = string.Empty;
try
{
bool createdNew = false;
truncatedCreateSemaphoreName = CheckRunDataHandles.StripIdOfMachineNames(semaphoreName);
// Create rights on the semaphore so the test user can signal it
SemaphoreSecurity semaphoreSecurity = new SemaphoreSecurity();
// Allow the user specified in the parameter to signal the semaphore. This user may be the identify specified with the distributed solution.
SemaphoreAccessRule rule = new SemaphoreAccessRule(accessUserName, SemaphoreRights.Synchronize | SemaphoreRights.Modify, AccessControlType.Allow);
semaphoreSecurity.AddAccessRule(rule);
// Allow the current user to signal the semaphore. Note that a different format is required for a local user vs. a domain user
string currentUserName = Environment.UserName;
// Check if local user or domain user
if (!string.IsNullOrEmpty(Environment.UserDomainName))
{
currentUserName = Environment.UserDomainName + "\\" + currentUserName;
}
rule = new SemaphoreAccessRule(currentUserName, SemaphoreRights.Synchronize | SemaphoreRights.Modify, AccessControlType.Allow);
semaphoreSecurity.AddAccessRule(rule);
// Create the semaphore
resultSemaphore = new Semaphore(0, 1, truncatedCreateSemaphoreName, out createdNew, semaphoreSecurity);
if (!createdNew)
{
throw new CheckInfrastructureClientException(string.Format("Semaphore with name='{0}' for user='******' was not created.", truncatedCreateSemaphoreName, accessUserName));
}
}
catch (UnauthorizedAccessException ex)
{
if (ex.Message.Contains("Access to the port"))
{
throw new CheckInfrastructureClientException(string.Format("Semaphore with name='{0}' for user='******' was not created. Is there a duplicate named semaphore?", truncatedCreateSemaphoreName, accessUserName));
}
else
{
throw;
}
}
return(resultSemaphore);
}
public static void Main()
{
// Create a string representing the current user.
string user = Environment.UserDomainName + "\\" +
Environment.UserName;
// Create a security object that grants no access.
SemaphoreSecurity mSec = new SemaphoreSecurity();
// Add a rule that grants the current user the
// right to enter or release the semaphore.
SemaphoreAccessRule rule = new SemaphoreAccessRule(user,
SemaphoreRights.Synchronize | SemaphoreRights.Modify,
AccessControlType.Allow);
mSec.AddAccessRule(rule);
// Add a rule that denies the current user the
// right to change permissions on the semaphore.
rule = new SemaphoreAccessRule(user,
SemaphoreRights.ChangePermissions,
AccessControlType.Deny);
mSec.AddAccessRule(rule);
// Display the rules in the security object.
ShowSecurity(mSec);
// Add a rule that allows the current user the
// right to read permissions on the semaphore. This rule
// is merged with the existing Allow rule.
rule = new SemaphoreAccessRule(user,
SemaphoreRights.ReadPermissions,
AccessControlType.Allow);
mSec.AddAccessRule(rule);
ShowSecurity(mSec);
// Create a rule that allows the current user to
// change the owner of the semaphore, and use that rule
// to remove the existing allow access rule from
// the SemaphoreSecurity object, showing that the user
// and access type must match, while the rights are
// ignored.
Console.WriteLine("Use RemoveAccessRuleAll to remove the Allow rule.");
rule = new SemaphoreAccessRule(user,
SemaphoreRights.TakeOwnership,
AccessControlType.Allow);
mSec.RemoveAccessRuleAll(rule);
ShowSecurity(mSec);
}
public static void Main()
{
// Create a string representing the current user.
string user = Environment.UserDomainName + "\\" +
Environment.UserName;
// Create a security object that grants no access.
SemaphoreSecurity mSec = new SemaphoreSecurity();
// Add a rule that grants the current user the
// right to enter or release the semaphore and read the
// permissions on the semaphore.
SemaphoreAccessRule rule = new SemaphoreAccessRule(user,
SemaphoreRights.Synchronize | SemaphoreRights.Modify
| SemaphoreRights.ReadPermissions,
AccessControlType.Allow);
mSec.AddAccessRule(rule);
// Add a rule that denies the current user the
// right to change permissions on the semaphore.
rule = new SemaphoreAccessRule(user,
SemaphoreRights.ChangePermissions,
AccessControlType.Deny);
mSec.AddAccessRule(rule);
// Display the rules in the security object.
ShowSecurity(mSec);
// Create a rule that grants the current user
// the right to read permissions on the semaphore, and
// take ownership of the semaphore. Use this rule to
// remove the right to read permissions from the
// Allow rule for the current user. The inclusion
// of the right to take ownership has no effect.
rule = new SemaphoreAccessRule(user,
SemaphoreRights.TakeOwnership |
SemaphoreRights.ReadPermissions,
AccessControlType.Allow);
mSec.RemoveAccessRule(rule);
ShowSecurity(mSec);
}
public static void Main()
{
// Create a string representing the current user.
string user = Environment.UserDomainName + "\\" +
Environment.UserName;
// Create a security object that grants no access.
SemaphoreSecurity mSec = new SemaphoreSecurity();
// Add a rule that grants the current user the
// right to enter or release the semaphore and read the
// permissions on the semaphore.
SemaphoreAccessRule rule = new SemaphoreAccessRule(user,
SemaphoreRights.Synchronize | SemaphoreRights.Modify
| SemaphoreRights.ReadPermissions,
AccessControlType.Allow);
mSec.AddAccessRule(rule);
// Add a rule that denies the current user the
// right to change permissions on the semaphore.
rule = new SemaphoreAccessRule(user,
SemaphoreRights.ChangePermissions,
AccessControlType.Deny);
mSec.AddAccessRule(rule);
// Display the rules in the security object.
ShowSecurity(mSec);
// Create a rule that grants the current user
// the full control over the semaphore. Use the
// ResetAccessRule method to replace both of
// the existing rules with the new rule.
rule = new SemaphoreAccessRule(user,
SemaphoreRights.FullControl,
AccessControlType.Allow);
mSec.ResetAccessRule(rule);
ShowSecurity(mSec);
}
public static void Main()
{
// Create a string representing the current user.
string user = Environment.UserDomainName + "\\" +
Environment.UserName;
// Create a security object that grants no access.
SemaphoreSecurity mSec = new SemaphoreSecurity();
// Add a rule that grants the current user the
// right to enter or release the semaphore.
SemaphoreAccessRule rule = new SemaphoreAccessRule(user,
SemaphoreRights.Synchronize | SemaphoreRights.Modify,
AccessControlType.Allow);
mSec.AddAccessRule(rule);
// Add a rule that denies the current user the
// right to change permissions on the semaphore.
rule = new SemaphoreAccessRule(user,
SemaphoreRights.ChangePermissions,
AccessControlType.Deny);
mSec.AddAccessRule(rule);
// Display the rules in the security object.
ShowSecurity(mSec);
// Add a rule that allows the current user the
// right to read permissions on the semaphore. This rule
// is merged with the existing Allow rule.
rule = new SemaphoreAccessRule(user,
SemaphoreRights.ReadPermissions,
AccessControlType.Allow);
mSec.AddAccessRule(rule);
ShowSecurity(mSec);
}
public void RemoveAccessRuleAll(SemaphoreAccessRule rule);
public bool RemoveAccessRule(SemaphoreAccessRule rule);
public void AddAccessRule(SemaphoreAccessRule rule);
/// <summary>
/// Initializes this instance.
/// </summary>
/// <returns></returns>
public static bool Initialize()
{
bool bResult = false;
if (CurrentElement == null)
{
// lock
lock (typeof(CompanyWebSiteSemaphore))
{
if (CurrentElement == null)
{
int maxPortalsCount = License.PortalsCount;
Semaphore semaphore = null;
if (maxPortalsCount > 0)
{
// Step 1. Try open Semaphore
try
{
semaphore = Semaphore.OpenExisting(Uid);
}
catch (WaitHandleCannotBeOpenedException)
{
// The named semaphore does not exist.
SemaphoreSecurity security = new SemaphoreSecurity();
// OZ 2009-03-10/Fix: System.Security.Principal.IdentityNotMappedException
//SemaphoreAccessRule accessRule = new SemaphoreAccessRule("Everyone", SemaphoreRights.TakeOwnership | SemaphoreRights.FullControl, AccessControlType.Allow);
SecurityIdentifier everyoneSid = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
SemaphoreAccessRule accessRule = new SemaphoreAccessRule(everyoneSid, SemaphoreRights.TakeOwnership | SemaphoreRights.FullControl, AccessControlType.Allow);
security.AddAccessRule(accessRule);
bool createdNew;
semaphore = new Semaphore(maxPortalsCount, maxPortalsCount, Uid, out createdNew, security);
}
// Wait one with timeout
if (!semaphore.WaitOne(3000, false))
{
throw new LicenseRestrictionException("License.PortalsCount");
}
CurrentElement = new CompanyWebSiteSemaphore(semaphore);
}
else if (maxPortalsCount == -1)
{
// Unlimited
CurrentElement = new CompanyWebSiteSemaphore(null);
}
else
{
throw new LicenseRestrictionException("Wrong License.PortalsCount = " + maxPortalsCount.ToString());
}
bResult = true;
}
}
}
return(bResult);
}
public void AddAccessRule(SemaphoreAccessRule rule)
{
}
public static void Main()
{
// Create a string representing the current user.
string user = Environment.UserDomainName + "\\" +
Environment.UserName;
// Create a security object that grants no access.
SemaphoreSecurity mSec = new SemaphoreSecurity();
// Add a rule that grants the current user the
// right to enter or release the semaphore.
SemaphoreAccessRule ruleA = new SemaphoreAccessRule(user,
SemaphoreRights.Synchronize | SemaphoreRights.Modify,
AccessControlType.Allow);
mSec.AddAccessRule(ruleA);
// Add a rule that denies the current user the
// right to change permissions on the semaphore.
SemaphoreAccessRule rule = new SemaphoreAccessRule(user,
SemaphoreRights.ChangePermissions,
AccessControlType.Deny);
mSec.AddAccessRule(rule);
// Display the rules in the security object.
ShowSecurity(mSec);
// Add a rule that allows the current user the
// right to read permissions on the semaphore. This rule
// is merged with the existing Allow rule.
rule = new SemaphoreAccessRule(user,
SemaphoreRights.ReadPermissions,
AccessControlType.Allow);
mSec.AddAccessRule(rule);
ShowSecurity(mSec);
// Attempt to remove the original rule (granting
// the right to enter or release the semaphore) with
// RemoveAccessRuleSpecific. The removal fails,
// because the right to read the permissions on the
// semaphore has been added to the rule, so that it no
// longer matches the original rule.
Console.WriteLine("Attempt to use RemoveAccessRuleSpecific on the original rule.");
mSec.RemoveAccessRuleSpecific(ruleA);
ShowSecurity(mSec);
// Create a rule that grants the current user
// the right to enter or release the semaphore, and
// to read permissions. Use this rule to remove
// the Allow rule for the current user.
Console.WriteLine("Use RemoveAccessRuleSpecific with the correct rights.");
rule = new SemaphoreAccessRule(user,
SemaphoreRights.Synchronize | SemaphoreRights.Modify |
SemaphoreRights.ReadPermissions,
AccessControlType.Allow);
mSec.RemoveAccessRuleSpecific(rule);
ShowSecurity(mSec);
}
internal static void Main()
{
//<Snippet2>
const string semaphoreName = "SemaphoreExample5";
Semaphore sem = null;
bool doesNotExist = false;
bool unauthorized = false;
// Attempt to open the named semaphore.
try
{
// Open the semaphore with (SemaphoreRights.Synchronize
// | SemaphoreRights.Modify), to enter and release the
// named semaphore.
//
sem = Semaphore.OpenExisting(semaphoreName);
}
catch (WaitHandleCannotBeOpenedException)
{
Console.WriteLine("Semaphore does not exist.");
doesNotExist = true;
}
catch (UnauthorizedAccessException ex)
{
Console.WriteLine("Unauthorized access: {0}", ex.Message);
unauthorized = true;
}
//</Snippet2>
// There are three cases: (1) The semaphore does not exist.
// (2) The semaphore exists, but the current user doesn't
// have access. (3) The semaphore exists and the user has
// access.
//
if (doesNotExist)
{
//<Snippet4>
// The semaphore does not exist, so create it.
//
// The value of this variable is set by the semaphore
// constructor. It is true if the named system semaphore was
// created, and false if the named semaphore already existed.
//
bool semaphoreWasCreated;
// Create an access control list (ACL) that denies the
// current user the right to enter or release the
// semaphore, but allows the right to read and change
// security information for the semaphore.
//
string user = Environment.UserDomainName + "\\"
+ Environment.UserName;
SemaphoreSecurity semSec = new SemaphoreSecurity();
SemaphoreAccessRule rule = new SemaphoreAccessRule(
user,
SemaphoreRights.Synchronize | SemaphoreRights.Modify,
AccessControlType.Deny);
semSec.AddAccessRule(rule);
rule = new SemaphoreAccessRule(
user,
SemaphoreRights.ReadPermissions | SemaphoreRights.ChangePermissions,
AccessControlType.Allow);
semSec.AddAccessRule(rule);
// Create a Semaphore object that represents the system
// semaphore named by the constant 'semaphoreName', with
// maximum count three, initial count three, and the
// specified security access. The Boolean value that
// indicates creation of the underlying system object is
// placed in semaphoreWasCreated.
//
sem = new Semaphore(3, 3, semaphoreName,
out semaphoreWasCreated, semSec);
// If the named system semaphore was created, it can be
// used by the current instance of this program, even
// though the current user is denied access. The current
// program enters the semaphore. Otherwise, exit the
// program.
//
if (semaphoreWasCreated)
{
Console.WriteLine("Created the semaphore.");
}
else
{
Console.WriteLine("Unable to create the semaphore.");
return;
}
//</Snippet4>
}
else if (unauthorized)
{
//<Snippet3>
// Open the semaphore to read and change the access
// control security. The access control security defined
// above allows the current user to do this.
//
try
{
sem = Semaphore.OpenExisting(
semaphoreName,
SemaphoreRights.ReadPermissions
| SemaphoreRights.ChangePermissions);
// Get the current ACL. This requires
// SemaphoreRights.ReadPermissions.
SemaphoreSecurity semSec = sem.GetAccessControl();
string user = Environment.UserDomainName + "\\"
+ Environment.UserName;
// First, the rule that denied the current user
// the right to enter and release the semaphore must
// be removed.
SemaphoreAccessRule rule = new SemaphoreAccessRule(
user,
SemaphoreRights.Synchronize | SemaphoreRights.Modify,
AccessControlType.Deny);
semSec.RemoveAccessRule(rule);
// Now grant the user the correct rights.
//
rule = new SemaphoreAccessRule(user,
SemaphoreRights.Synchronize | SemaphoreRights.Modify,
AccessControlType.Allow);
semSec.AddAccessRule(rule);
// Update the ACL. This requires
// SemaphoreRights.ChangePermissions.
sem.SetAccessControl(semSec);
Console.WriteLine("Updated semaphore security.");
// Open the semaphore with (SemaphoreRights.Synchronize
// | SemaphoreRights.Modify), the rights required to
// enter and release the semaphore.
//
sem = Semaphore.OpenExisting(semaphoreName);
//</Snippet3>
}
catch (UnauthorizedAccessException ex)
{
Console.WriteLine("Unable to change permissions: {0}", ex.Message);
return;
}
}
// Enter the semaphore, and hold it until the program
// exits.
//
try
{
sem.WaitOne();
Console.WriteLine("Entered the semaphore.");
Console.WriteLine("Press the Enter key to exit.");
Console.ReadLine();
sem.Release();
}
catch (UnauthorizedAccessException ex)
{
Console.WriteLine("Unauthorized access: {0}", ex.Message);
}
}
public void ResetAccessRule(SemaphoreAccessRule rule)
{
}
public bool RemoveAccessRule(SemaphoreAccessRule rule)
{
}
public void SetAccessRule(SemaphoreAccessRule rule);
public void RemoveAccessRuleSpecific(SemaphoreAccessRule rule);
public void RemoveAccessRuleSpecific(SemaphoreAccessRule rule)
{
}
public void RemoveAccessRuleAll(SemaphoreAccessRule rule)
{
}
public void SetAccessRule(SemaphoreAccessRule rule);
public void ResetAccessRule(SemaphoreAccessRule rule)
{
}
