New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Deprecate Code Access Security (CAS) #502
Conversation
Reasons for removal have been stated in the following GitHub issue: castleproject#477
The use of security permissions' and `.IsGranted()` here appears to have had the purpose of allowing this class to work correctly when no credentials are set and executing code would have no permission to read `NetworkCredentials`. We can get rid of security permissions by refactoring code such that the `NetworkCredential` gets created only on demand. The only observ- able difference should be that in the absence of certain granted perm- issions, querying or setting `UserName`, `Password`, or `Domain` will no longer throw immediately. Failure is deferred until the moment when the SMTP client is built.
@@ -7,6 +7,10 @@ Enhancements: | |||
|
|||
Deprecations: | |||
- Removed support for the .NET Framework < 4.5 and .NET Standard 1.x. (@stakx, #495, #496) | |||
- Removed support for Code Access Security (CAS). (@stakx, #502) | |||
- The following public members have been removed: | |||
- `Castle.Core.Internal.PermissionUtil.IsGranted` (method) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note that Windsor is currently using this method, so we will have some work to do when upgrading it to Castle.Core v5.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm hitting this now - not sure of the best way forward. Could bring the method into Windsor instead, or remove CAS from Windsor too, although I've not used it enough to be entirely sure of some of the consequences.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Jevonius, I would suggest that you open an issue over at the Windsor repo (if you haven't already) so there is a dedicated place to discuss removal of CAS support. Until a final decision has been reached there, you could perhaps start by trying to keep the code changes minimal, i.e. simply reintroduce the required method over in Windsor (but keep it private
/ internal
so it doesn't end up as an additional public API).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good suggestion, thanks. There's various other CAS-related attributes dotted around, so warrants a wider discussion. Will replicate these classes for now, but internal/private as suggested.
[edit]"these classes" being the ones related to IsGranted
extension method[/edit]
Castler.Core deprecated CAS handling (castleproject/Core#502), this commit restores the relevant method and associated test. castleproject#612 - Updating Windsor to support Castle.Core@5.0.0 and modern TFMs
Castler.Core deprecated CAS handling (castleproject/Core#502), this commit restores the relevant method and associated test. castleproject#612 - Updating Windsor to support Castle.Core@5.0.0 and modern TFMs
Closes #477.
This is quite a mixed bag, so as usual lately, I've done this one aspect at a time. (Perhaps we should squash this one when merging?)
We could further simplify this by removing
IEmailSender
andDefaultSmtpSender
altogether (in a separate, preceding PR).