XmlSecureResolver 构造函数

定义

命名空间:

System.Xml

程序集:

System.Xml.dll

程序集:

System.Xml.ReaderWriter.dll

程序集:

netstandard.dll

初始化 XmlSecureResolver 类的新实例。

重载

XmlSecureResolver(XmlResolver, PermissionSet)	使用指定的 XmlResolver 和 PermissionSet 初始化 XmlSecureResolver 类的一个新实例。
XmlSecureResolver(XmlResolver, Evidence)	使用指定的 XmlResolver 和 Evidence 初始化 XmlSecureResolver 类的一个新实例。
XmlSecureResolver(XmlResolver, String)	使用提供的 XmlResolver 和 URL 初始化 XmlSecureResolver 类的一个新实例。

注解

这三个构造函数提供三种类型的访问限制：

• 构造 XmlSecureResolver(XmlResolver, String) 函数使用 URL 限制访问。

• 构造 XmlSecureResolver(XmlResolver, PermissionSet) 函数使用权限集限制访问。

• 构造 XmlSecureResolver(XmlResolver, Evidence) 函数使用证据限制访问。

有关这些类型的限制的示例，请参阅构造函数参考主题。

XmlSecureResolver(XmlResolver, PermissionSet)

使用指定的 XmlResolver 和 PermissionSet 初始化 XmlSecureResolver 类的一个新实例。

public:
 XmlSecureResolver(System::Xml::XmlResolver ^ resolver, System::Security::PermissionSet ^ permissionSet);

public XmlSecureResolver (System.Xml.XmlResolver resolver, System.Security.PermissionSet permissionSet);

new System.Xml.XmlSecureResolver : System.Xml.XmlResolver * System.Security.PermissionSet -> System.Xml.XmlSecureResolver

Public Sub New (resolver As XmlResolver, permissionSet As PermissionSet)

参数

resolver

XmlResolver

由 XmlSecureResolver 包装的 XML 解析程序。

permissionSet

PermissionSet

设置为应用于基础 XmlResolver 的权限集。 XmlSecureResolver 对基础 XML 解析程序调用 GetEntity(Uri, String, Type) 方法之前，先对权限集调用 PermitOnly() 方法。

示例

以下示例使用自定义权限集构造 XmlSecureResolver 对象。

Object^ GetFile( String^ fileURL, XmlResolver^ resolver )
{
   // Generate the default PermissionSet using the file URL.
   Evidence^ evidence = XmlSecureResolver::CreateEvidenceForUrl( fileURL );
   PermissionSet^ myPermissions = SecurityManager::ResolvePolicy( evidence );
   
   // Modify the PermissionSet to only allow access to http://www.contoso.com.
   // Create a WebPermission which only allows access to http://www.contoso.com.
   WebPermission^ myWebPermission = gcnew WebPermission(
      NetworkAccess::Connect,"http://www.contoso.com" );
   // Replace the existing WebPermission in myPermissions with the updated WebPermission.
   myPermissions->SetPermission( myWebPermission );
   
   // Use the modified PermissionSet to construct the XmlSecureResolver.
   XmlSecureResolver^ sResolver = gcnew XmlSecureResolver( resolver,myPermissions );
   
   // Get the object.
   Uri^ fullUri = sResolver->ResolveUri( nullptr, fileURL );
   return sResolver->GetEntity( fullUri, nullptr, nullptr );
}

public static Object GetFile (String fileURL, XmlResolver resolver) {

  // Generate the default PermissionSet using the file URL.
  Evidence evidence = XmlSecureResolver.CreateEvidenceForUrl(fileURL);
  PermissionSet myPermissions = SecurityManager.ResolvePolicy(evidence);

  // Modify the PermissionSet to only allow access to http://www.contoso.com.
  // Create a WebPermission which only allows access to http://www.contoso.com.
  WebPermission myWebPermission = new WebPermission(NetworkAccess.Connect, "http://www.contoso.com");
  // Replace the existing WebPermission in myPermissions with the updated WebPermission.
  myPermissions.SetPermission(myWebPermission);

  // Use the modified PermissionSet to construct the XmlSecureResolver.
  XmlSecureResolver sResolver = new XmlSecureResolver(resolver, myPermissions);

  // Get the object.
  Uri fullUri = sResolver.ResolveUri(null, fileURL);
  return sResolver.GetEntity(fullUri, null, null);
}

public shared function GetFile (fileURL as String , resolver as XmlResolver) as Object
 
  '  Generate the default PermissionSet using the file URL.
  Dim evidence as Evidence = XmlSecureResolver.CreateEvidenceForUrl(fileURL)
  Dim myPermissions as PermissionSet = SecurityManager.ResolvePolicy(evidence)

  '  Modify the PermissionSet to only allow access to http://www.contoso.com.
  '  Create a WebPermission that only allows access to http://www.contoso.com.
  Dim myWebPermission as WebPermission = new WebPermission(NetworkAccess.Connect, "http://www.contoso.com")
  '  Replace the existing WebPermission in myPermissions with the updated WebPermission.
  myPermissions.SetPermission(myWebPermission)

  '  Use the modified PermissionSet to construct the XmlSecureResolver.
  Dim sResolver as XmlSecureResolver = new XmlSecureResolver(resolver, myPermissions)

  '  Get the object.
  Dim fullUri as Uri = sResolver.ResolveUri(nothing, fileURL)
  return sResolver.GetEntity(fullUri, nothing, nothing)
end function

另请参阅

• CreateEvidenceForUrl(String)
• Evidence
• WebPermission
• SecurityManager

XmlSecureResolver(XmlResolver, Evidence)

使用指定的 XmlResolver 和 Evidence 初始化 XmlSecureResolver 类的一个新实例。

public:
 XmlSecureResolver(System::Xml::XmlResolver ^ resolver, System::Security::Policy::Evidence ^ evidence);

public XmlSecureResolver (System.Xml.XmlResolver resolver, System.Security.Policy.Evidence evidence);

new System.Xml.XmlSecureResolver : System.Xml.XmlResolver * System.Security.Policy.Evidence -> System.Xml.XmlSecureResolver

Public Sub New (resolver As XmlResolver, evidence As Evidence)

参数

resolver

XmlResolver

由 XmlSecureResolver 包装的 XML 解析程序。

evidence

Evidence

用于创建将应用于基础 XmlResolver 的 PermissionSet 的证据。 XmlSecureResolver 在对基础 XmlResolver 调用 GetEntity(Uri, String, Type) 之前，先对创建的PermissionSet 调用 PermitOnly() 方法。

注解

下面是一些可能的方案，以及为每个方案提供的证据类型：

• 如果在完全受信任的环境中工作，请使用程序集创建证据：

  Evidence myEvidence = this.GetType().Assembly.Evidence;
  XmlSecureResolver myResolver;
  myResolver = new XmlSecureResolver(new XmlUrlResolver(), myEvidence);
  

  Dim myEvidence As Evidence = Me.GetType().Assembly.Evidence
  Dim myResolver As XmlSecureResolver
  myResolver = New XmlSecureResolver(New XmlUrlResolver(), myEvidence)
  

• 如果在半受信任的环境中工作，则具有来自外部源的代码或数据，并且知道外部源的来源并具有可验证的 URI，请使用 URI 创建证据：

  
  Evidence myEvidence = XmlSecureResolver.CreateEvidenceForUrl(sourceURI);
  XmlSecureResolver myResolver = new XmlSecureResolver(new XmlUrlResolver(), myEvidence);
  

  Dim myEvidence As Evidence = XmlSecureResolver.CreateEvidenceForUrl(sourceURI)
  Dim myResolver As New XmlSecureResolver(New XmlUrlResolver(), myEvidence)
  

• 如果你在半受信任的环境中工作，并且有来自外部源的代码或数据，但你也不知道外部源的源来源：：

  将 evidence 参数设置为 null。 这样将不允许对资源进行任何访问。

  • 或 -

  如果应用程序要求对资源进行一些访问，应向调用方请求数据。

XmlSecureResolver(XmlResolver, String)

使用提供的 XmlResolver 和 URL 初始化 XmlSecureResolver 类的一个新实例。

public:
 XmlSecureResolver(System::Xml::XmlResolver ^ resolver, System::String ^ securityUrl);

public XmlSecureResolver (System.Xml.XmlResolver resolver, string? securityUrl);

public XmlSecureResolver (System.Xml.XmlResolver resolver, string securityUrl);

new System.Xml.XmlSecureResolver : System.Xml.XmlResolver * string -> System.Xml.XmlSecureResolver

Public Sub New (resolver As XmlResolver, securityUrl As String)

参数

resolver

XmlResolver

由 XmlSecureResolver 包装的 XML 解析程序。

securityUrl

String

用于创建将应用于基础 XmlResolver 的PermissionSet 的 URL。 XmlSecureResolver 在对基础 XmlResolver 调用 GetEntity(Uri, String, Type) 之前，先对创建的 PermissionSet 调用 PermitOnly()。

示例

此示例使用 XmlSecureResolver(XmlResolver, String) 构造函数创建 XmlSecureResolver 仅允许访问本地 Intranet 站点的对象。

XmlSecureResolver myResolver = new XmlSecureResolver(new XmlUrlResolver(), "http://myLocalSite/");

Dim myResolver As New XmlSecureResolver(New XmlUrlResolver(), "http://myLocalSite/")

注解

重要

.NET Framework公共语言运行时 (CLR) 上运行的代码的安全基础结构和在 Microsoft SQL Server 2005 中集成的 CLR 上运行的代码存在差异。 这可能会导致在SQL Server集成 CLR 上使用时，为.NET Framework CLR 开发的代码以不同的方式运行的情况。 当有证据表明基于 URL (（即使用CreateEvidenceForUrl方法或XmlSecureResolver(XmlResolver, String)构造函数) 时）时，其中一个差异会影响XmlSecureResolver类。 SQL Server集成 CLR 的策略解析机制不使用Url或Zone信息。 相反，它会根据服务器加载程序集时添加的 GUID 授予权限。 使用XmlSecureResolverSQL Server集成 CLR 时，请使用指定的PermissionSet直接提供任何必需的证据。