SocketPermission 類別
定義
重要
部分資訊涉及發行前產品,在發行之前可能會有大幅修改。 Microsoft 對此處提供的資訊,不做任何明確或隱含的瑕疵擔保。
警告
Code Access Security is not supported or honored by the runtime.
控制在傳輸位址上進行或接受連接的權限。
public ref class SocketPermission sealed : System::Security::CodeAccessPermission, System::Security::Permissions::IUnrestrictedPermission[System.Obsolete("Code Access Security is not supported or honored by the runtime.", DiagnosticId="SYSLIB0003", UrlFormat="https://aka.ms/dotnet-warnings/{0}")]
public sealed class SocketPermission : System.Security.CodeAccessPermission, System.Security.Permissions.IUnrestrictedPermission[System.Serializable]
public sealed class SocketPermission : System.Security.CodeAccessPermission, System.Security.Permissions.IUnrestrictedPermissionpublic sealed class SocketPermission : System.Security.CodeAccessPermission, System.Security.Permissions.IUnrestrictedPermission[<System.Obsolete("Code Access Security is not supported or honored by the runtime.", DiagnosticId="SYSLIB0003", UrlFormat="https://aka.ms/dotnet-warnings/{0}")>]
type SocketPermission = class
inherit CodeAccessPermission
interface IUnrestrictedPermission[<System.Serializable>]
type SocketPermission = class
inherit CodeAccessPermission
interface IUnrestrictedPermissiontype SocketPermission = class
inherit CodeAccessPermission
interface IUnrestrictedPermissionPublic NotInheritable Class SocketPermission
Inherits CodeAccessPermission
Implements IUnrestrictedPermission- 繼承
- 屬性
- 實作
範例
下列範例示範如何使用 SocketPermission 類別來設定、變更及強制執行各種套接字存取限制。
// Creates a SocketPermission restricting access to and from all URIs.
SocketPermission^ mySocketPermission1 = gcnew SocketPermission( PermissionState::None );
// The socket to which this permission will apply will allow connections from www.contoso.com.
mySocketPermission1->AddPermission( NetworkAccess::Accept, TransportType::Tcp, "www.contoso.com", 11000 );
// Creates a SocketPermission which will allow the target Socket to connect with www.southridgevideo.com.
SocketPermission^ mySocketPermission2 = gcnew SocketPermission( NetworkAccess::Connect,TransportType::Tcp, "www.southridgevideo.com",11002 );
// Creates a SocketPermission from the union of two SocketPermissions.
SocketPermission^ mySocketPermissionUnion =
(SocketPermission^)( mySocketPermission1->Union( mySocketPermission2 ) );
// Checks to see if the union was successfully created by using the IsSubsetOf method.
if ( mySocketPermission1->IsSubsetOf( mySocketPermissionUnion ) &&
mySocketPermission2->IsSubsetOf( mySocketPermissionUnion ) )
{
Console::WriteLine( "This union contains permissions from both mySocketPermission1 and mySocketPermission2" );
// Prints the allowable accept URIs to the console.
Console::WriteLine( "This union accepts connections on :" );
IEnumerator^ myEnumerator = mySocketPermissionUnion->AcceptList;
while ( myEnumerator->MoveNext() )
{
Console::WriteLine( safe_cast<EndpointPermission^>( myEnumerator->Current )->ToString() );
}
// Prints the allowable connect URIs to the console.
Console::WriteLine( "This union permits connections to :" );
myEnumerator = mySocketPermissionUnion->ConnectList;
while ( myEnumerator->MoveNext() )
{
Console::WriteLine( safe_cast<EndpointPermission^>( myEnumerator->Current )->ToString() );
}
}
// Creates a SocketPermission from the intersect of two SocketPermissions.
SocketPermission^ mySocketPermissionIntersect =
(SocketPermission^)( mySocketPermission1->Intersect( mySocketPermissionUnion ) );
// mySocketPermissionIntersect should now contain the permissions of mySocketPermission1.
if ( mySocketPermission1->IsSubsetOf( mySocketPermissionIntersect ) )
{
Console::WriteLine( "This is expected" );
}
// mySocketPermissionIntersect should not contain the permissios of mySocketPermission2.
if ( mySocketPermission2->IsSubsetOf( mySocketPermissionIntersect ) )
{
Console::WriteLine( "This should not print" );
}
// Creates a copy of the intersect SocketPermission.
SocketPermission^ mySocketPermissionIntersectCopy =
(SocketPermission^)( mySocketPermissionIntersect->Copy() );
if ( mySocketPermissionIntersectCopy->Equals( mySocketPermissionIntersect ) )
{
Console::WriteLine( "Copy successfull" );
}
// Converts a SocketPermission to XML format and then immediately converts it back to a SocketPermission.
mySocketPermission1->FromXml( mySocketPermission1->ToXml() );
// Checks to see if permission for this socket resource is unrestricted. If it is, then there is no need to
// demand that permissions be enforced.
if ( mySocketPermissionUnion->IsUnrestricted() )
{
//Do nothing. There are no restrictions.
}
else
{
// Enforces the permissions found in mySocketPermissionUnion on any Socket Resources used below this statement.
mySocketPermissionUnion->Demand();
}
IPHostEntry^ myIpHostEntry = Dns::Resolve( "www.contoso.com" );
IPEndPoint^ myLocalEndPoint = gcnew IPEndPoint( myIpHostEntry->AddressList[ 0 ], 11000 );
Socket^ s = gcnew Socket( myLocalEndPoint->Address->AddressFamily,
SocketType::Stream,
ProtocolType::Tcp );
try
{
s->Connect( myLocalEndPoint );
}
catch ( Exception^ e )
{
Console::Write( "Exception Thrown: " );
Console::WriteLine( e->ToString() );
}
// Perform all socket operations in here.
s->Close();
// Creates a SocketPermission restricting access to and from all URIs.
SocketPermission mySocketPermission1 = new SocketPermission(PermissionState.None);
// The socket to which this permission will apply will allow connections from www.contoso.com.
mySocketPermission1.AddPermission(NetworkAccess.Accept, TransportType.Tcp, "www.contoso.com", 11000);
// Creates a SocketPermission which will allow the target Socket to connect with www.southridgevideo.com.
SocketPermission mySocketPermission2 =
new SocketPermission(NetworkAccess.Connect, TransportType.Tcp, "www.southridgevideo.com", 11002);
// Creates a SocketPermission from the union of two SocketPermissions.
SocketPermission mySocketPermissionUnion =
(SocketPermission)mySocketPermission1.Union(mySocketPermission2);
// Checks to see if the union was successfully created by using the IsSubsetOf method.
if (mySocketPermission1.IsSubsetOf(mySocketPermissionUnion) &&
mySocketPermission2.IsSubsetOf(mySocketPermissionUnion)){
Console.WriteLine("This union contains permissions from both mySocketPermission1 and mySocketPermission2");
// Prints the allowable accept URIs to the console.
Console.WriteLine("This union accepts connections on :");
IEnumerator myEnumerator = mySocketPermissionUnion.AcceptList;
while (myEnumerator.MoveNext()) {
Console.WriteLine(((EndpointPermission)myEnumerator.Current).ToString());
}
// Prints the allowable connect URIs to the console.
Console.WriteLine("This union permits connections to :");
myEnumerator = mySocketPermissionUnion.ConnectList;
while (myEnumerator.MoveNext()) {
Console.WriteLine(((EndpointPermission)myEnumerator.Current).ToString());
}
}
// Creates a SocketPermission from the intersect of two SocketPermissions.
SocketPermission mySocketPermissionIntersect =
(SocketPermission)mySocketPermission1.Intersect(mySocketPermissionUnion);
// mySocketPermissionIntersect should now contain the permissions of mySocketPermission1.
if (mySocketPermission1.IsSubsetOf(mySocketPermissionIntersect)){
Console.WriteLine("This is expected");
}
// mySocketPermissionIntersect should not contain the permissios of mySocketPermission2.
if (mySocketPermission2.IsSubsetOf(mySocketPermissionIntersect)){
Console.WriteLine("This should not print");
}
// Creates a copy of the intersect SocketPermission.
SocketPermission mySocketPermissionIntersectCopy =
(SocketPermission)mySocketPermissionIntersect.Copy();
if (mySocketPermissionIntersectCopy.Equals(mySocketPermissionIntersect)){
Console.WriteLine("Copy successfull");
}
// Converts a SocketPermission to XML format and then immediately converts it back to a SocketPermission.
mySocketPermission1.FromXml(mySocketPermission1.ToXml());
// Checks to see if permission for this socket resource is unrestricted. If it is, then there is no need to
// demand that permissions be enforced.
if (mySocketPermissionUnion.IsUnrestricted()){
//Do nothing. There are no restrictions.
}
else{
// Enforces the permissions found in mySocketPermissionUnion on any Socket Resources used below this statement.
mySocketPermissionUnion.Demand();
}
IPHostEntry myIpHostEntry = Dns.Resolve("www.contoso.com");
IPEndPoint myLocalEndPoint = new IPEndPoint(myIpHostEntry.AddressList[0], 11000);
Socket s = new Socket(myLocalEndPoint.Address.AddressFamily,
SocketType.Stream,
ProtocolType.Tcp);
try{
s.Connect(myLocalEndPoint);
}
catch (Exception e){
Console.WriteLine("Exception Thrown: " + e.ToString());
}
// Perform all socket operations in here.
s.Close();
' Creates a SocketPermission restricting access to and from all URIs.
Dim mySocketPermission1 As New SocketPermission(PermissionState.None)
' The socket to which this permission will apply will allow connections from www.contoso.com.
mySocketPermission1.AddPermission(NetworkAccess.Accept, TransportType.Tcp, "www.contoso.com", 11000)
' Creates a SocketPermission which will allow the target Socket to connect with www.southridgevideo.com.
Dim mySocketPermission2 As New SocketPermission(NetworkAccess.Connect, TransportType.Tcp, "www.southridgevideo.com", 11002)
' Creates a SocketPermission from the union of two SocketPermissions.
Dim mySocketPermissionUnion As SocketPermission = CType(mySocketPermission1.Union(mySocketPermission2), SocketPermission)
' Checks to see if the union was successfully created by using the IsSubsetOf method.
If mySocketPermission1.IsSubsetOf(mySocketPermissionUnion) And mySocketPermission2.IsSubsetOf(mySocketPermissionUnion) Then
Console.WriteLine("This union contains permissions from both mySocketPermission1 and mySocketPermission2")
' Prints the allowable accept URIs to the console.
Console.WriteLine("This union accepts connections on :")
Dim myEnumerator As IEnumerator = mySocketPermissionUnion.AcceptList
While myEnumerator.MoveNext()
Console.WriteLine(CType(myEnumerator.Current, EndpointPermission).ToString())
End While
Console.WriteLine("This union establishes connections on : ")
' Prints the allowable connect URIs to the console.
Console.WriteLine("This union permits connections to :")
myEnumerator = mySocketPermissionUnion.ConnectList
While myEnumerator.MoveNext()
Console.WriteLine(CType(myEnumerator.Current, EndpointPermission).ToString())
End While
End If
' Creates a SocketPermission from the intersect of two SocketPermissions.
Dim mySocketPermissionIntersect As SocketPermission = CType(mySocketPermission1.Intersect(mySocketPermissionUnion), SocketPermission)
' mySocketPermissionIntersect should now contain the permissions of mySocketPermission1.
If mySocketPermission1.IsSubsetOf(mySocketPermissionIntersect) Then
Console.WriteLine("This is expected")
End If
' mySocketPermissionIntersect should not contain the permissios of mySocketPermission2.
If mySocketPermission2.IsSubsetOf(mySocketPermissionIntersect) Then
Console.WriteLine("This should not print")
End If
' Creates a copy of the intersect SocketPermission.
Dim mySocketPermissionIntersectCopy As SocketPermission = CType(mySocketPermissionIntersect.Copy(), SocketPermission)
If mySocketPermissionIntersectCopy.Equals(mySocketPermissionIntersect) Then
Console.WriteLine("Copy successfull")
End If
' Converts a SocketPermission to XML format and then immediately converts it back to a SocketPermission.
mySocketPermission1.FromXml(mySocketPermission1.ToXml())
' Checks to see if permission for this socket resource is unrestricted. If it is, then there is no need to
' demand that permissions be enforced.
If mySocketPermissionUnion.IsUnrestricted() Then
'Do nothing. There are no restrictions.
Else
' Enforces the permissions found in mySocketPermissionUnion on any Socket Resources used below this statement.
mySocketPermissionUnion.Demand()
End If
Dim myIpHostEntry As IPHostEntry = Dns.Resolve("www.contoso.com")
Dim myLocalEndPoint As New IPEndPoint(myIpHostEntry.AddressList(0), 11000)
Dim s As New Socket(myLocalEndPoint.Address.AddressFamily, SocketType.Stream, ProtocolType.Tcp)
Try
s.Connect(myLocalEndPoint)
Catch e As Exception
Console.WriteLine(("Exception Thrown: " + e.ToString()))
End Try
' Perform all socket operations in here.
s.Close()
End Sub
備註
警告
程式代碼存取安全性 (CAS) 在所有 .NET Framework 和 .NET 版本中已被取代。 使用 CAS 相關 API 時,最新版本的 .NET 不會接受 CAS 批注,併產生錯誤。 開發人員應尋求替代方案來完成安全性工作。
SocketPermission 實例控制接受連線或起始 Socket 連線的許可權。 Socket您可以為主機名或IP位址、埠號碼和傳輸通訊協定建立許可權。
注意
請避免使用主機名建立套接字許可權,因為這些名稱必須解析為IP位址,這可能會封鎖堆疊。
建構函式
| SocketPermission(NetworkAccess, TransportType, String, Int32) |
已淘汰.
使用指定的使用權限,為指定的傳輸位址初始化 SocketPermission 類別的新執行個體。 |
| SocketPermission(PermissionState) |
已淘汰.
初始化 SocketPermission 類別的新執行個體,允許不受限制存取 Socket 或不允許存取 Socket。 |
欄位
| AllPorts |
已淘汰.
定義表示所有通訊埠的常數。 |
屬性
| AcceptList |
已淘汰.
取得 EndpointPermission 執行個體的清單,這些執行個體辨認可在這個使用權限執行個體下接受的端點。 |
| ConnectList |
已淘汰.
取得 EndpointPermission 執行個體的清單,這些執行個體辨認可在這個使用權限執行個體下連接至的端點。 |
方法
| AddPermission(NetworkAccess, TransportType, String, Int32) |
已淘汰.
將使用權限加入至傳輸位址的使用權限集。 |
| Assert() |
已淘汰.
宣告即使堆疊中較高層的呼叫端未獲得資源存取權限,呼叫程式碼仍可透過呼叫這個方法的程式碼要求權限,來存取受保護的資源。 使用 Assert() 會造成安全性問題。 (繼承來源 CodeAccessPermission) |
| Copy() |
已淘汰.
建立 SocketPermission 執行個體的複本。 |
| Demand() |
已淘汰.
如果在呼叫堆疊中較高的所有呼叫端都尚未被授與由目前執行個體所指定之權限,則會在執行階段強制執行 SecurityException。 (繼承來源 CodeAccessPermission) |
| Deny() |
已淘汰.
已淘汰.
防止呼叫堆疊中較高的呼叫端,使用程式碼呼叫此方法來存取目前執行個體所指定的資源。 (繼承來源 CodeAccessPermission) |
| Equals(Object) |
已淘汰.
判斷指定的 CodeAccessPermission 物件是否等於目前的 CodeAccessPermission。 (繼承來源 CodeAccessPermission) |
| FromXml(SecurityElement) |
已淘汰.
為 XML 編碼方式重建 SocketPermission 執行個體。 |
| GetHashCode() |
已淘汰.
取得 CodeAccessPermission 物件的雜湊碼,其適合用於雜湊表這類的雜湊演算法和資料結構。 (繼承來源 CodeAccessPermission) |
| GetType() |
已淘汰.
取得目前執行個體的 Type。 (繼承來源 Object) |
| Intersect(IPermission) |
已淘汰.
傳回兩個 SocketPermission 執行個體間的邏輯交集。 |
| IsSubsetOf(IPermission) |
已淘汰.
判斷目前使用權限是否為指定之使用權限的子集。 |
| IsUnrestricted() |
已淘汰.
檢查物件的整體使用權限狀態。 |
| MemberwiseClone() |
已淘汰.
建立目前 Object 的淺層複製。 (繼承來源 Object) |
| PermitOnly() |
已淘汰.
防止呼叫堆疊中較高的呼叫端,使用程式碼呼叫此方法來存取目前執行個體所指定之資源以外的所有資源。 (繼承來源 CodeAccessPermission) |
| ToString() |
已淘汰.
建立並傳回目前權限物件的字串表示。 (繼承來源 CodeAccessPermission) |
| ToXml() |
已淘汰.
建立 SocketPermission 執行個體和其目前狀態的 XML 編碼方式。 |
| Union(IPermission) |
已淘汰.
傳回兩個 SocketPermission 執行個體間的邏輯聯集。 |
