* AnonymousIdentificationModule.cs: added configuration section caching to AppDomain for TARGET_JVM

* RoleManagerModule.cs, UrlAuthorizationModule.cs, FormsAuthenticationModule.cs: refactored configuration section to be a member of a class

svn path=/trunk/mcs/; revision=74728

mcs/class/System.Web/System.Web.Security/AnonymousIdentificationModule.cs

@@ -110,7 +110,20 @@ namespace System.Web.Security {
 		{
 			get
 			{
+#if TARGET_JVM
+				AnonymousIdentificationSection config = (AnonymousIdentificationSection) AppDomain.CurrentDomain.GetData ("Anonymous.Config");
+				if (config == null) {
+					lock (typeof (AnonymousIdentificationModule)) {
+						config = (AnonymousIdentificationSection) AppDomain.CurrentDomain.GetData ("Anonymous.Config");
+						if (config == null)
+							config = (AnonymousIdentificationSection) WebConfigurationManager.GetSection ("system.web/anonymousIdentification");
+						AppDomain.CurrentDomain.SetData ("Anonymous.Config", config);
+					}
+				}
+				return config;
+#else
 				return (AnonymousIdentificationSection) WebConfigurationManager.GetSection ("system.web/anonymousIdentification");
+#endif
 			}
 		}
 	}

mcs/class/System.Web/System.Web.Security/ChangeLog

@@ -1,3 +1,12 @@
+2007-03-21 Vladimir Krasnov <[email protected]>
+
+	* AnonymousIdentificationModule.cs: added configuration section caching
+	to AppDomain for TARGET_JVM
+	* RoleManagerModule.cs:
+	* UrlAuthorizationModule.cs:
+	* FormsAuthenticationModule.cs: refactored configuration section to be
+	a member of a class
+
 2007-03-20  Marek Habersack  <[email protected]>
 
 	* FormsAuthentication.cs, Roles.cs: remove roles cookie on sign

mcs/class/System.Web/System.Web.Security/FormsAuthenticationModule.cs

@@ -39,6 +39,11 @@ namespace System.Web.Security
 	[AspNetHostingPermission (SecurityAction.LinkDemand, Level = AspNetHostingPermissionLevel.Minimal)]
 	public sealed class FormsAuthenticationModule : IHttpModule
 	{
+#if NET_2_0
+		AuthenticationSection _config = null;
+#else
+		AuthConfig _config = null;
+#endif
 		[SecurityPermission (SecurityAction.Demand, UnmanagedCode = true)]
 		public FormsAuthenticationModule ()
 		{
@@ -52,6 +57,11 @@ namespace System.Web.Security
 		{
 			app.AuthenticateRequest += new EventHandler (OnAuthenticateRequest);
 			app.EndRequest += new EventHandler (OnEndRequest);
+#if NET_2_0
+			_config = (AuthenticationSection) WebConfigurationManager.GetSection ("system.web/authentication");
+#else
+			_config = (AuthConfig) app.Context.GetConfig ("system.web/authentication");
+#endif
 		}
 
 		void OnAuthenticateRequest (object sender, EventArgs args)
@@ -64,26 +74,20 @@ namespace System.Web.Security
 			string loginPage;
 			bool slidingExpiration;
 
-#if NET_2_0
-			AuthenticationSection config = (AuthenticationSection) WebConfigurationManager.GetSection ("system.web/authentication");
-#else
-			AuthConfig config = (AuthConfig) context.GetConfig ("system.web/authentication");
-#endif
-
-			if (config == null || config.Mode != AuthenticationMode.Forms) {
+			if (_config == null || _config.Mode != AuthenticationMode.Forms) {
 				return;
 			}
 
 #if NET_2_0
-			cookieName = config.Forms.Name;
-			cookiePath = config.Forms.Path;
-			loginPage = config.Forms.LoginUrl;
-			slidingExpiration = config.Forms.SlidingExpiration;
+			cookieName = _config.Forms.Name;
+			cookiePath = _config.Forms.Path;
+			loginPage = _config.Forms.LoginUrl;
+			slidingExpiration = _config.Forms.SlidingExpiration;
 #else
-			cookieName = config.CookieName;
-			cookiePath = config.CookiePath;
-			loginPage = config.LoginUrl;
-			slidingExpiration = config.SlidingExpiration;
+			cookieName = _config.CookieName;
+			cookiePath = _config.CookiePath;
+			loginPage = _config.LoginUrl;
+			slidingExpiration = _config.SlidingExpiration;
 #endif
 
 			string reqPath = "";
@@ -154,13 +158,11 @@ namespace System.Web.Security
 
 			string loginPage;
 #if NET_2_0
-			AuthenticationSection config = (AuthenticationSection) WebConfigurationManager.GetSection ("system.web/authentication");
-			loginPage = config.Forms.LoginUrl;
+			loginPage = _config.Forms.LoginUrl;
 #else
-			AuthConfig config = (AuthConfig) context.GetConfig ("system.web/authentication");
-			loginPage = config.LoginUrl;
+			loginPage = _config.LoginUrl;
 #endif
-			if (config == null || config.Mode != AuthenticationMode.Forms)
+			if (_config == null || _config.Mode != AuthenticationMode.Forms)
 				return;
 
 			StringBuilder login = new StringBuilder ();

mcs/class/System.Web/System.Web.Security/RoleManagerModule.cs

@@ -38,6 +38,8 @@ using System.Web.Configuration;
 
 namespace System.Web.Security {
 	public sealed class RoleManagerModule : IHttpModule {
+		RoleManagerSection _config = null;
+
 		public event RoleManagerEventHandler GetRoles;
 
 		public void Dispose ()
@@ -46,23 +48,21 @@ namespace System.Web.Security {
 
 		void ClearCookie (HttpApplication app, string cookieName)
 		{
-			RoleManagerSection config = (RoleManagerSection) WebConfigurationManager.GetSection ("system.web/roleManager");
-			HttpCookie clearCookie = new HttpCookie (config.CookieName, "");
+			HttpCookie clearCookie = new HttpCookie (_config.CookieName, "");
 
-			clearCookie.Path = config.CookiePath;
+			clearCookie.Path = _config.CookiePath;
 			clearCookie.Expires = DateTime.MinValue;
-			clearCookie.Domain = config.Domain;
-			clearCookie.Secure = config.CookieRequireSSL;
+			clearCookie.Domain = _config.Domain;
+			clearCookie.Secure = _config.CookieRequireSSL;
 			app.Response.SetCookie (clearCookie);
 		}
 
 		void OnPostAuthenticateRequest (object sender, EventArgs args)
 		{
 			HttpApplication app = (HttpApplication)sender;
-			RoleManagerSection config = (RoleManagerSection)WebConfigurationManager.GetSection ("system.web/roleManager");
 
 			/* if we're disabled, bail out early */
-			if (!config.Enabled)
+			if (!_config.Enabled)
 				return;
 
 			/* allow the user to populate the Role */
@@ -77,16 +77,16 @@ namespace System.Web.Security {
 
 			RolePrincipal principal;
 
-			HttpCookie cookie = app.Request.Cookies[config.CookieName];
+			HttpCookie cookie = app.Request.Cookies [_config.CookieName];
 
 			IIdentity currentIdentity = app.Context.User.Identity;
 			if (app.Request.IsAuthenticated) {
 				if (cookie != null) {
-					if (!config.CacheRolesInCookie)
+					if (!_config.CacheRolesInCookie)
 						cookie = null;
-					else if (config.CookieRequireSSL && !app.Request.IsSecureConnection) {
+					else if (_config.CookieRequireSSL && !app.Request.IsSecureConnection) {
 						cookie = null;
-						ClearCookie (app, config.CookieName);
+						ClearCookie (app, _config.CookieName);
 					}
 						
 				}
@@ -100,7 +100,7 @@ namespace System.Web.Security {
 				/* anonymous request */
 
 				if (cookie != null) {
-					ClearCookie (app, config.CookieName);
+					ClearCookie (app, _config.CookieName);
 				}
 
 				principal = new RolePrincipal (currentIdentity);
@@ -113,11 +113,10 @@ namespace System.Web.Security {
 		void OnEndRequest (object sender, EventArgs args)
 		{
 			HttpApplication app = (HttpApplication)sender;
-			RoleManagerSection config = (RoleManagerSection)WebConfigurationManager.GetSection ("system.web/roleManager");
 
 			/* if we're not enabled or configured to cache
 			 * cookies, bail out */
-			if (!config.Enabled || !config.CacheRolesInCookie)
+			if (!_config.Enabled || !_config.CacheRolesInCookie)
 				return;
 
 			/* if the user isn't authenticated, bail
@@ -128,7 +127,7 @@ namespace System.Web.Security {
 			/* if the configuration requires ssl for
 			 * cookies and we're not on an ssl connection,
 			 * bail out */
-			if (config.CookieRequireSSL && !app.Request.IsSecureConnection)
+			if (_config.CookieRequireSSL && !app.Request.IsSecureConnection)
 				return;
 
 			RolePrincipal principal = app.Context.User as RolePrincipal;
@@ -140,19 +139,19 @@ namespace System.Web.Security {
 
 			string ticket = principal.ToEncryptedTicket ();
 			if (ticket == null || ticket.Length > 4096) {
-				ClearCookie (app, config.CookieName);
+				ClearCookie (app, _config.CookieName);
 				return;
 			}
 
-			HttpCookie cookie = new HttpCookie (config.CookieName, ticket);
+			HttpCookie cookie = new HttpCookie (_config.CookieName, ticket);
 
 			cookie.HttpOnly = true;
-			if (!string.IsNullOrEmpty (config.Domain))
-				cookie.Domain = config.Domain;
-			if (config.CookieRequireSSL)
+			if (!string.IsNullOrEmpty (_config.Domain))
+				cookie.Domain = _config.Domain;
+			if (_config.CookieRequireSSL)
 				cookie.Secure = true;
-			if (config.CookiePath.Length > 1) // more than '/'
-				cookie.Path = config.CookiePath;
+			if (_config.CookiePath.Length > 1) // more than '/'
+				cookie.Path = _config.CookiePath;
 			app.Response.SetCookie (cookie);
 		}
 
@@ -160,6 +159,8 @@ namespace System.Web.Security {
 		{
 			app.PostAuthenticateRequest += OnPostAuthenticateRequest;
 			app.EndRequest += OnEndRequest;
+
+			_config = (RoleManagerSection) WebConfigurationManager.GetSection ("system.web/roleManager");
 		}
 	}
 }

mcs/class/System.Web/System.Web.Security/UrlAuthorizationModule.cs

@@ -37,6 +37,11 @@ namespace System.Web.Security
 	[AspNetHostingPermission (SecurityAction.LinkDemand, Level = AspNetHostingPermissionLevel.Minimal)]
 	public sealed class UrlAuthorizationModule : IHttpModule
 	{
+#if NET_2_0
+		AuthorizationSection _config;
+#else
+		AuthorizationConfig _config;
+#endif
 		[SecurityPermission (SecurityAction.Demand, UnmanagedCode = true)]
 		public UrlAuthorizationModule ()
 		{
@@ -49,6 +54,11 @@ namespace System.Web.Security
 		public void Init (HttpApplication app)
 		{
 			app.AuthorizeRequest += new EventHandler (OnAuthorizeRequest);
+#if NET_2_0
+			_config = (AuthorizationSection) WebConfigurationManager.GetSection ("system.web/authorization");
+#else
+			_config = (AuthorizationConfig) app.Context.GetConfig ("system.web/authorization");
+#endif
 		}
 
 		void OnAuthorizeRequest (object sender, EventArgs args)
@@ -58,14 +68,10 @@ namespace System.Web.Security
 			if (context.SkipAuthorization)
 				return;
 
-#if NET_2_0
-			AuthorizationSection config = (AuthorizationSection) WebConfigurationManager.GetSection ("system.web/authorization");
-#else
-			AuthorizationConfig config = (AuthorizationConfig) context.GetConfig ("system.web/authorization");
-			if (config == null)
+			if (_config == null)
 				return;
-#endif
-			if (!config.IsValidUser (context.User, context.Request.HttpMethod)) {
+
+			if (!_config.IsValidUser (context.User, context.Request.HttpMethod)) {
 				HttpException e = new HttpException (401, "Unauthorized");
 				
 				context.Response.StatusCode = 401;