It's easy to take some time to learn something between the heavy development tasks. I found that there are several examples of System.Security content in the machine. I have never used this namespace before, so I just used it to learn about it. Since it is not a systematic study, it is not easy to organize. After thinking about it, I will explain it with examples.
1. Set permission
// The verbatim string (@"...") keeps \t from being read as a tab escape.
[FileIOPermission(SecurityAction.Demand, Write = @"C:\temp.txt")]
public class App : System.Windows.Forms.Form
{
    // omitted
}
FileIOPermissionAttribute is defined in System.Security.Permissions. It inherits from SecurityAttribute. In this example, write permission on the C:\temp.txt file is demanded whenever the App class is used.
The .NET Framework documentation has this to say about security demands: "To ensure that only callers who have been granted specific permissions can call your code, you can declaratively or imperatively demand that callers of your code have a specific permission or permission set. Demands cause the runtime to perform a security check, thereby enforcing restrictions on the calling code. During the security check, the runtime walks the call stack, checks the permissions of each caller in the stack, and determines whether the demanded permission has been granted to each caller. If a caller is found not to have the demanded permission, the security check fails and a SecurityException is thrown."
The example uses the declarative form. SecurityAction.Demand can be applied to a class or to a method; in this case it is applied to a class. Write is one of the properties of FileIOPermission. Other commonly used properties include Read, Append, All, etc.
There are also some values in the SecurityAction enumeration that act on the assembly. For example, the following example:
[assembly:SecurityPermission(SecurityAction.RequestMinimum,UnmanagedCode=true)]
SecurityAction.RequestMinimum requests the minimum permissions the assembly needs in order to run. This line requires that the assembly be allowed to call unmanaged code.
In addition to the declarative method, you can also use the imperative method, as in the following code:
FileIOPermission filePerm = new FileIOPermission(FileIOPermissionAccess.AllAccess, @"C:\temp.txt");
try
{
    // Walks the call stack; throws SecurityException if a caller lacks the permission.
    filePerm.Demand();

    // Code to access file goes here
}
catch (SecurityException excep)
{
    MessageBox.Show(excep.Message);
    return;
}
2. User role management
Managing users and their roles is a requirement in many programs. ASP.NET 2.0 has greatly improved this area, and developers can build very good applications without knowing much about the underlying technology. For Windows Forms applications, however, much of this still has to be set up by the programmer.
Assuming that we already know the userName and the roles it belongs to, we can set the Principal of the current thread like this:
GenericIdentity genIdent = new GenericIdentity(userName);
GenericPrincipal genPrin = new GenericPrincipal(genIdent, roles);
Thread.CurrentPrincipal = genPrin;
Then we have three ways to verify user roles.
The first method is to use the GenericPrincipal.IsInRole method:
GenericPrincipal currentPrin = Thread.CurrentPrincipal as GenericPrincipal;

if (currentPrin != null && currentPrin.IsInRole("Manager"))
{
    // omitted
}
The second method is to use the PrincipalPermission class, which is similar to the imperative method in permission setting:
PrincipalPermission prinPerm = new PrincipalPermission(null, "Manager");

try
{
    prinPerm.Demand();

    // do something
}
catch
{
    // error handling
}
The third method is similar to the declarative method in permission setting:
private void DecPermButton_Click(object sender, System.EventArgs e)
{
    try
    {
        performManagerAction();
        // do something
    }
    catch
    {
        // error handling
    }
}

[PrincipalPermission(SecurityAction.Demand, Role="Manager")]
void performManagerAction()
{
}
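The three role checks above combined into one console program, as an added example that is not part of the original post. It assumes .NET Framework; the RoleCheckDemo class, the user names and the role lists are constructed for illustration. It catches SecurityException specifically instead of using a bare catch, so an unrelated error is not mistaken for an authorization failure.

```csharp
using System;
using System.Security;
using System.Security.Permissions;
using System.Security.Principal;
using System.Threading;

// Added example, not from the original post; assumes .NET Framework.
// User names and role lists are constructed sample data.
static class RoleCheckDemo
{
    // Declarative check: the runtime verifies the role before the body runs.
    [PrincipalPermission(SecurityAction.Demand, Role = "Manager")]
    static void PerformManagerAction()
    {
        Console.WriteLine("  declarative: manager action executed");
    }

    static void RunAs(string userName, string[] roles)
    {
        Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity(userName), roles);
        Console.WriteLine(userName + ":");

        // 1. Explicit IsInRole test: returns a bool and never throws.
        Console.WriteLine("  IsInRole: " + Thread.CurrentPrincipal.IsInRole("Manager"));

        // 2. Imperative demand: throws SecurityException when the role is missing.
        try
        {
            new PrincipalPermission(null, "Manager").Demand();
            Console.WriteLine("  imperative: demand succeeded");
        }
        catch (SecurityException ex)
        {
            Console.WriteLine("  imperative: denied (" + ex.GetType().Name + ")");
        }

        // 3. Declarative demand: the exception surfaces at the call site.
        try { PerformManagerAction(); }
        catch (SecurityException)
        {
            Console.WriteLine("  declarative: denied");
        }
    }

    static void Main()
    {
        RunAs("alice", new[] { "Manager", "Staff" }); // constructed user with the role
        RunAs("bob", new[] { "Staff" });              // constructed user without it
    }
}
```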
Another important thing about security is encryption. I don’t have time to write today, I’ll talk about it another day.