AllowPartiallyTrustedCallersAttribute-Klasse
Ermöglicht das Aufrufen von Assemblys mit starkem Namen durch teilweise vertauenswürdigen Code. Ohne diese Deklaration können nur vollständig vertrauenswürdige Aufrufer solche Assemblys verwenden. Die Klasse kann nicht vererbt werden.
Namespace: System.Security
Assembly: mscorlib (in mscorlib.dll)
Syntax
'Declaration
<ComVisibleAttribute(True)> _
<AttributeUsageAttribute(AttributeTargets.Assembly, AllowMultiple:=False, Inherited:=False)> _
Public NotInheritable Class AllowPartiallyTrustedCallersAttribute
Inherits Attribute
'Usage
Dim instance As AllowPartiallyTrustedCallersAttribute
[ComVisibleAttribute(true)]
[AttributeUsageAttribute(AttributeTargets.Assembly, AllowMultiple=false, Inherited=false)]
public sealed class AllowPartiallyTrustedCallersAttribute : Attribute
[ComVisibleAttribute(true)]
[AttributeUsageAttribute(AttributeTargets::Assembly, AllowMultiple=false, Inherited=false)]
public ref class AllowPartiallyTrustedCallersAttribute sealed : public Attribute
/** @attribute ComVisibleAttribute(true) */
/** @attribute AttributeUsageAttribute(AttributeTargets.Assembly, AllowMultiple=false, Inherited=false) */
public final class AllowPartiallyTrustedCallersAttribute extends Attribute
ComVisibleAttribute(true)
AttributeUsageAttribute(AttributeTargets.Assembly, AllowMultiple=false, Inherited=false)
public final class AllowPartiallyTrustedCallersAttribute extends Attribute
Hinweise
AllowPartiallyTrustedCallersAttribute ist nur wirksam, wenn es durch eine Assembly mit starkem Namen auf Assemblyebene angewendet wird. Weitere Informationen über das Anwenden von Attributen auf Assemblyebene finden Sie unter Anwenden von Attributen.
Standardmäßig kann eine Assembly mit starkem Namen, die dieses Attribut nicht explizit auf Assemblyebene zur Verwendung durch teilweise vertrauenswürdigen Code anwendet, nur von anderen Assemblys aufgerufen werden, die von der Sicherheitsrichtlinie als vollständig vertrauenswürdig eingestuft wurden. Diese Einschränkung wird erzwungen, indem eine LinkDemand bezüglich FullTrust in jede öffentliche oder geschützte Methode jeder öffentlich zugänglichen Klasse in der Assembly eingefügt wird. Assemblys, die durch teilweise vertrauenswürdigen Code aufgerufen werden sollen, können dies mithilfe von AllowPartiallyTrustedCallersAttribute deklarieren. Das Attribut wird auf Assemblyebene deklariert. Ein Beispiel für die Deklaration in C# ist [assembly:AllowPartiallyTrustedCallers], ein Beispiel für die Deklaration in Visual Basic ist <assembly:AllowPartiallyTrustedCallers>.
Warnung
Das Vorhandensein dieses Attributs auf Assemblyebene verhindert das Standardverhalten, bei dem FullTrust LinkDemand-Sicherheitsüberprüfungen platziert werden, und bewirkt somit, dass die Assembly von beliebigen anderen Assemblys (teilweise oder vollständig vertrauenswürdig) aufgerufen werden kann.
Wenn dieses Attribut vorhanden ist, bleibt die Funktionsweise aller anderen Sicherheitsüberprüfungen wie vorgesehen bestehen, einschließlich aller vorhandenen deklarativen Sicherheitsattribute auf Klassen- oder Methodenebene. Dieses Attribut blockiert nur die implizite Anforderung bezüglich vollständig vertrauenswürdiger Aufrufer.
Dies ist kein deklaratives Sicherheitsattribut, sondern ein reguläres Attribut (es wird von Attribute und nicht von SecurityAttribute abgeleitet).
Weitere Informationen finden Sie unter Verwenden von Bibliotheken aus teilweise vertrauenswürdigem Code.
Beispiel
Im folgenden Beispiel wird die Verwendung der AllowPartiallyTrustedCallersAttribute-Klasse veranschaulicht.
' The following HTML code can be used to call the user control in this sample.
'
'<HTML>
' <BODY>
' <OBJECT id="usercontrol" classid="usercontrol.dll#UserControl.UserControl1" width="800"
' height="300" style="font-size:12;">
' </OBJECT>
' <p>
' </BODY>
'</HTML>
' To run this test control you must create a strong name key, snkey.snk, and
' a code group that gives full trust to assemblies signed with snkey.snk.
' The user control displays an OpenFileDialog box, then displays a text box containing the name of
' the file selected and a list box that displays the contents of the file. The selected file must
' contain text in order for the control to display the data properly.
' Caution This sample demonstrates the use of the Assert method. Calling Assert removes the
' requirement that all code in the call chain must be granted permission to access the specified
' resource, it can open up security vulnerabilities if used incorrectly or inappropriately. Therefore,
' it should be used with great caution. Assert should always be followed with a RevertAssert
' command to restore the security settings.
Imports System
Imports System.Collections
Imports System.ComponentModel
Imports System.Drawing
Imports System.Data
Imports System.Windows.Forms
Imports System.IO
Imports System.Security
Imports System.Security.Permissions
Imports System.Reflection
Imports System.Runtime.CompilerServices
Imports Microsoft.VisualBasic
' This strong name key is used to create a code group that gives permissions to this assembly.
<Assembly: AssemblyKeyFile("snKey.snk")>
<Assembly: AssemblyVersion("1.0.0.0")>
' The AllowPartiallyTrustedCallersAttribute requires the assembly to be signed with a strong name key.
' This attribute is necessary since the control is called by either an intranet or Internet
' Web page that should be running under restricted permissions.
<Assembly: AllowPartiallyTrustedCallers()>
' The userControl1 displays an OpenFileDialog box, then displays a text box containing the name of
' the file selected and a list box that displays the contents of the file. The selected file must
' contain text in order for the control to display the data properly.
'Demand the zone requirement for the calling application.
<ZoneIdentityPermissionAttribute(SecurityAction.Demand, Zone:=SecurityZone.Intranet)> _
Public Class UserControl1
Inherits System.Windows.Forms.UserControl
Private WithEvents textBox1 As System.Windows.Forms.TextBox
Private listBox1 As System.Windows.Forms.ListBox
' Required designer variable.
Private components As System.ComponentModel.Container = Nothing
Public Sub New()
' This call is required by the Windows.Forms Form Designer.
InitializeComponent()
' The OpenFileDialog box should not require any special permissions.
Dim fileDialog As New OpenFileDialog
If fileDialog.ShowDialog() = DialogResult.OK Then
' Reading the name of the selected file from the OpenFileDialog box
' and reading the file requires FileIOPermission. The user control should
' have this permission granted through its code group; the Web page that calls the
' control should not have this permission. The Assert command prevents a stack walk
' that would fail because the caller does not have the required FileIOPermission.
' The use of Assert can open up security vulnerabilities if used incorrectly or
' inappropriately. Therefore, it should be used with great caution.
' The Assert command should be followed by a RevertAssert as soon as the file operation
' is completed.
Dim fileIOPermission As New FileIOPermission(PermissionState.Unrestricted)
fileIOPermission.Assert()
textBox1.Text = fileDialog.FileName
' Display the contents of the file in the text box.
Dim fsIn As New FileStream(textBox1.Text, FileMode.Open, FileAccess.Read, FileShare.Read)
Dim sr As New StreamReader(fsIn)
' Process every line in the file
Dim Line As String
Line = sr.ReadLine()
While Not (Line Is Nothing)
listBox1.Items.Add(Line)
Line = sr.ReadLine()
End While
' It is very important to call RevertAssert to restore the stack walk for
' file operations.
fileIOPermission.RevertAssert()
End If
End Sub 'New
' Clean up any resources being used.
Protected Overloads Sub Dispose(ByVal disposing As Boolean)
If disposing Then
If Not (components Is Nothing) Then
components.Dispose()
End If
End If
MyBase.Dispose(disposing)
End Sub 'Dispose
' Required method for Designer support - do not modify
' the contents of this method with the code editor.
Private Sub InitializeComponent()
Me.textBox1 = New System.Windows.Forms.TextBox
Me.listBox1 = New System.Windows.Forms.ListBox
Me.SuspendLayout()
'
' textBox1
'
Me.textBox1.Location = New System.Drawing.Point(208, 112)
Me.textBox1.Name = "textBox1"
Me.textBox1.Size = New System.Drawing.Size(320, 20)
Me.textBox1.TabIndex = 0
Me.textBox1.Text = "textBox1"
'
' listBox1
'
Me.listBox1.Location = New System.Drawing.Point(200, 184)
Me.listBox1.Name = "listBox1"
Me.listBox1.Size = New System.Drawing.Size(336, 108)
Me.listBox1.TabIndex = 1
'
' UserControl1
'
Me.Controls.Add(listBox1)
Me.Controls.Add(textBox1)
Me.Name = "UserControl1"
Me.Size = New System.Drawing.Size(592, 400)
Me.ResumeLayout(False)
End Sub 'InitializeComponent
Private Sub UserControl1_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles MyBase.Load
End Sub 'UserControl1_Load
Private Sub textBox1_TextChanged(ByVal sender As Object, ByVal e As System.EventArgs) Handles textBox1.TextChanged
End Sub 'textBox1_TextChanged
End Class 'UserControl1
// The following HTML code can be used to call the user control in this sample.
//
//<HTML>
// <BODY>
// <OBJECT id="usercontrol" classid="usercontrol.dll#UserControl.UserControl1" width="800"
// height="300" style="font-size:12;">
// </OBJECT>
// <p>
// </BODY>
//</HTML>
// To run this test control you must create a strong name key, snkey.snk, and
// a code group that gives full trust to assemblies signed with snkey.snk.
// The user control displays an OpenFileDialog box, then displays a text box containing the name of
// the file selected and a list box that displays the contents of the file. The selected file must
// contain text in order for the control to display the data properly.
// Caution This sample demonstrates the use of the Assert method. Calling Assert removes the
// requirement that all code in the call chain must be granted permission to access the specified
// resource, it can open up security vulnerabilities if used incorrectly or inappropriately. Therefore,
// it should be used with great caution. Assert should always be followed with a RevertAssert
// command to restore the security settings.
using System;
using System.Collections;
using System.ComponentModel;
using System.Drawing;
using System.Data;
using System.Windows.Forms;
using System.IO;
using System.Security;
using System.Security.Permissions;
using System.Reflection;
using System.Runtime.CompilerServices;
// This strong name key is used to create a code group that gives permissions to this assembly.
[assembly: AssemblyKeyFile("snKey.snk")]
[assembly: AssemblyVersion("1.0.0.0")]
// The AllowPartiallyTrustedCallersAttribute requires the assembly to be signed with a strong name key.
// This attribute is necessary since the control is called by either an intranet or Internet
// Web page that should be running under restricted permissions.
[assembly:AllowPartiallyTrustedCallers]
namespace UserControl
{
// The userControl1 displays an OpenFileDialog box, then displays a text box containing the name of
// the file selected and a list box that displays the contents of the file. The selected file must
// contain text in order for the control to display the data properly.
public class UserControl1 : System.Windows.Forms.UserControl
{
private System.Windows.Forms.TextBox textBox1;
private System.Windows.Forms.ListBox listBox1;
// Required designer variable.
private System.ComponentModel.Container components = null;
// Demand the zone requirement for the calling application.
[ZoneIdentityPermission(SecurityAction.Demand, Zone = SecurityZone.Intranet)]
public UserControl1()
{
// This call is required by the Windows.Forms Form Designer.
InitializeComponent();
// The OpenFileDialog box should not require any special permissions.
OpenFileDialog fileDialog = new OpenFileDialog();
if(fileDialog.ShowDialog() == DialogResult.OK)
{
// Reading the name of the selected file from the OpenFileDialog box
// and reading the file requires FileIOPermission. The user control should
// have this permission granted through its code group; the Web page that calls the
// control should not have this permission. The Assert command prevents a stack walk
// that would fail because the caller does not have the required FileIOPermission.
// The use of Assert can open up security vulnerabilities if used incorrectly or
// inappropriately. Therefore, it should be used with great caution.
// The Assert command should be followed by a RevertAssert as soon as the file operation
// is completed.
new FileIOPermission(PermissionState.Unrestricted).Assert();
textBox1.Text = fileDialog.FileName;
// Display the contents of the file in the text box.
FileStream fsIn = new FileStream(textBox1.Text, FileMode.Open, FileAccess.Read,
FileShare.Read);
StreamReader sr = new StreamReader(fsIn);
// Process every line in the file
for (String Line = sr.ReadLine(); Line != null; Line = sr.ReadLine())
{
listBox1.Items.Add(Line);
}
// It is very important to call RevertAssert to restore the stack walk for
// file operations.
FileIOPermission.RevertAssert();
}
}
// Clean up any resources being used.
protected override void Dispose( bool disposing )
{
if( disposing )
{
if( components != null )
components.Dispose();
}
base.Dispose( disposing );
}
#region Component Designer generated code
/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
this.textBox1 = new System.Windows.Forms.TextBox();
this.listBox1 = new System.Windows.Forms.ListBox();
this.SuspendLayout();
//
// textBox1
//
this.textBox1.Location = new System.Drawing.Point(208, 112);
this.textBox1.Name = "textBox1";
this.textBox1.Size = new System.Drawing.Size(320, 20);
this.textBox1.TabIndex = 0;
this.textBox1.Text = "textBox1";
this.textBox1.TextChanged += new System.EventHandler(this.textBox1_TextChanged);
//
// listBox1
//
this.listBox1.Location = new System.Drawing.Point(200, 184);
this.listBox1.Name = "listBox1";
this.listBox1.Size = new System.Drawing.Size(336, 108);
this.listBox1.TabIndex = 1;
//
// UserControl1
//
this.Controls.Add(this.listBox1);
this.Controls.Add(this.textBox1);
this.Name = "UserControl1";
this.Size = new System.Drawing.Size(592, 400);
this.Load += new System.EventHandler(this.UserControl1_Load);
this.ResumeLayout(false);
}
#endregion
private void UserControl1_Load(object sender, System.EventArgs e)
{
}
private void textBox1_TextChanged(object sender, System.EventArgs e)
{
}
}
}
Vererbungshierarchie
System.Object
System.Attribute
System.Security.AllowPartiallyTrustedCallersAttribute
Threadsicherheit
Alle öffentlichen statischen (Shared in Visual Basic) Member dieses Typs sind threadsicher. Bei Instanzmembern ist die Threadsicherheit nicht gewährleistet.
Plattformen
Windows 98, Windows 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition
.NET Framework unterstützt nicht alle Versionen sämtlicher Plattformen. Eine Liste der unterstützten Versionen finden Sie unter Systemanforderungen.
Versionsinformationen
.NET Framework
Unterstützt in: 2.0, 1.1, 1.0
Siehe auch
Referenz
AllowPartiallyTrustedCallersAttribute-Member
System.Security-Namespace