NetCodeGroup(IMembershipCondition) Constructor

Reference

Definition

Namespace:: System.Security.Policy

Assembly:: System.Security.Permissions.dll

Assembly:: mscorlib.dll

Package:: System.Security.Permissions v8.0.0

Package:: System.Security.Permissions v9.0.0-rc.2.24473.5

Source:: NetCodeGroup.cs

Source:: NetCodeGroup.cs

Source:: NetCodeGroup.cs

Source:: NetCodeGroup.cs

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Initializes a new instance of the NetCodeGroup class.

public:
 NetCodeGroup(System::Security::Policy::IMembershipCondition ^ membershipCondition);

public NetCodeGroup (System.Security.Policy.IMembershipCondition membershipCondition);

new System.Security.Policy.NetCodeGroup : System.Security.Policy.IMembershipCondition -> System.Security.Policy.NetCodeGroup

Public Sub New (membershipCondition As IMembershipCondition)

Parameters

membershipCondition: IMembershipCondition

A membership condition that tests evidence to determine whether this code group applies code access security policy.

Exceptions

ArgumentNullException

The membershipCondition parameter is null.

ArgumentException

The type of the membershipCondition parameter is not valid.

Examples

The following code example demonstrates creating a NetCodeGroup and adding CodeConnectAccess objects for code downloaded using the HTTP scheme.


static void SetNetCodeGroupAccess()
{
    String^ userPolicyLevel = "User";
    // Locate the User policy level.
    PolicyLevel^ level = nullptr;
    System::Collections::IEnumerator^ ph = 
        System::Security::SecurityManager::PolicyHierarchy();
    while(ph->MoveNext())
    {
        level = (PolicyLevel^)ph->Current;
        if (level->Label == userPolicyLevel)
        {
            break;       
        }
    }
    if (level->Label != userPolicyLevel)
        throw gcnew ApplicationException("Could not find User policy level.");

    IMembershipCondition^ membership =
        gcnew UrlMembershipCondition("http://www.contoso.com/*");
    NetCodeGroup^ codeGroup = gcnew NetCodeGroup(membership);
    // Delete default settings.
    codeGroup->ResetConnectAccess();
    // Create an object that represents access to the FTP scheme and 
    // default port.
    CodeConnectAccess^ CodeAccessFtp = 
        gcnew CodeConnectAccess(Uri::UriSchemeFtp, 
        CodeConnectAccess::DefaultPort);
    // Create an object that represents access to the HTTPS scheme 
    // and default port.
    CodeConnectAccess^ CodeAccessHttps = 
        gcnew CodeConnectAccess(Uri::UriSchemeHttps, 
        CodeConnectAccess::DefaultPort);
    // Create an object that represents access to the origin 
    // scheme and port.
    CodeConnectAccess^ CodeAccessOrigin = 
        CodeConnectAccess::CreateOriginSchemeAccess
        (CodeConnectAccess::OriginPort);
    // Add connection access objects to the NetCodeGroup object.
    codeGroup->AddConnectAccess(Uri::UriSchemeHttp, CodeAccessFtp);
    codeGroup->AddConnectAccess(Uri::UriSchemeHttp, CodeAccessHttps);
    codeGroup->AddConnectAccess(Uri::UriSchemeHttp, CodeAccessOrigin);
    // Provide name and description information for caspol.exe tool.
    codeGroup->Name = "ContosoHttpCodeGroup";
    codeGroup->Description = "Code originating from contoso.com can" +
        " connect back using the FTP or HTTPS.";
    // Add the code group to the User policy's root node.
    level->RootCodeGroup->AddChild(codeGroup);
    // Save the changes to the policy level.
    System::Security::SecurityManager::SavePolicy();
}

public static void SetNetCodeGroupAccess()
{
    const string userPolicyLevel = "User";
    // Locate the User policy level.
    PolicyLevel level = null;
    System.Collections.IEnumerator ph =
        System.Security.SecurityManager.PolicyHierarchy();
    while(ph.MoveNext())
    {
        level = (PolicyLevel)ph.Current;
        if( level.Label == userPolicyLevel )
        {
            break;
        }
    }
    if (level.Label != userPolicyLevel)
        throw new ApplicationException("Could not find User policy level.");

    IMembershipCondition membership =
        new UrlMembershipCondition(@"http://www.contoso.com/*");
    NetCodeGroup codeGroup = new NetCodeGroup(membership);
    // Delete default settings.
    codeGroup.ResetConnectAccess();
    // Create an object that represents access to the FTP scheme and default port.
    CodeConnectAccess a1 = new CodeConnectAccess(Uri.UriSchemeFtp, CodeConnectAccess.DefaultPort);
    // Create an object that represents access to the HTTPS scheme and default port.
    CodeConnectAccess a2 = new CodeConnectAccess(Uri.UriSchemeHttps, CodeConnectAccess.DefaultPort);
    // Create an object that represents access to the origin scheme and port.
    CodeConnectAccess a3 = CodeConnectAccess.CreateOriginSchemeAccess(CodeConnectAccess.OriginPort);
    // Add connection access objects to the NetCodeGroup object.
    codeGroup.AddConnectAccess(Uri.UriSchemeHttp, a1);
    codeGroup.AddConnectAccess(Uri.UriSchemeHttp, a2);
    codeGroup.AddConnectAccess(Uri.UriSchemeHttp, a3);
    // Provide name and description information for caspol.exe tool.
    codeGroup.Name = "ContosoHttpCodeGroup";
    codeGroup.Description = "Code originating from contoso.com can connect back using the FTP or HTTPS.";
    // Add the code group to the User policy's root node.
    level.RootCodeGroup.AddChild(codeGroup);
    // Save the changes to the policy level.
    System.Security.SecurityManager.SavePolicy();
}

Remarks

When a NetCodeGroup is created, it contains the default connection access rules shown in the following table.

Scheme	Rule
file	No connection access to the origin server is permitted.
http	HTTP and HTTPS access is permitted using the origin port.
https	HTTPS access is permitted using the origin port.

Applies to

Dela via