HOW TO:執行命令式安全性檢查
更新:2007 年 11 月
對於命令式要求,您可以呼叫 PrincipalPermission 物件的 Demand 方法來判斷目前 Principal 物件是否代表指定的識別、角色或兩者。假設正確建構的 PrincipalPermission 物件已呼叫 MyPrincipalPermission,則可以用下列程式碼來呼叫命令式要求。
MyPrincipalPermission.Demand()
MyPrincipalPermission.Demand();
範例
下列程式碼範例使用命令式檢查以確保 GenericPrincipal 符合 PrincipalPermission 物件。當應用程式定義域中的許多方法或其他組件 (Assembly) 必須產生角色架構的判決時,命令式檢查很有用處。雖然這個範例非常簡單,但是它卻可說明與角色架構要求關聯的行為。
Imports System
Imports System.Security.Permissions
Imports System.Security.Principal
Imports System.Security
Imports System.Threading
Imports System.Security.Cryptography
Public Class MainClass
Public Overloads Shared Function Main() As Integer
Console.WriteLine("Enter '1' to use the proper identity or " _
& "any other character to use the improper identity.")
If Console.ReadLine() = "1" Then
' Create a generic identity.
Dim MyIdentity As New GenericIdentity("MyUser")
' Create a generic principal.
Dim MyString As [String]() = {"Administrator", "User"}
Dim MyPrincipal As New GenericPrincipal( _
MyIdentity, MyString)
Thread.CurrentPrincipal = MyPrincipal
End If
PrivateInfo()
Return 0
End Function
Public Shared Sub PrivateInfo()
Try
' Create a PrincipalPermission object.
Dim MyPermission As New PrincipalPermission( _
"MyUser", "Administrator")
' Demand this permission.
MyPermission.Demand()
' Print secret data.
Console.WriteLine(ControlChars.Cr & ControlChars.Cr & _
"You have access to the private data!")
Catch e As SecurityException
Console.WriteLine(e.Message)
End Try
End Sub
End Class
using System;
using System.Security.Permissions;
using System.Security.Principal;
using System.Security;
using System.Threading;
using System.Security.Cryptography;
public class MainClass
{
public static int Main(string[] args)
{
Console.WriteLine("Enter '1' to use the proper identity or " +
"any other character to use the improper identity.");
if(Console.ReadLine() == "1")
{
// Create a generic identity.
GenericIdentity MyIdentity = new GenericIdentity("MyUser");
// Create a generic principal.
String[] MyString = {"Administrator", "User"};
GenericPrincipal MyPrincipal =
new GenericPrincipal(MyIdentity, MyString);
Thread.CurrentPrincipal = MyPrincipal;
}
PrivateInfo();
return 0;
}
public static void PrivateInfo()
{
try
{
// Create a PrincipalPermission object.
PrincipalPermission MyPermission =
new PrincipalPermission("MyUser", "Administrator");
// Demand this permission.
MyPermission.Demand();
// Print secret data.
Console.WriteLine(
"\n\nYou have access to the private data!");
}
catch(SecurityException e)
{
Console.WriteLine(e.Message);
}
}
}
如果使用者輸入 1,則建立存取 PrivateInfo 方法所需的 Principal 和 Identity 物件。如果使用者輸入其他任何字元,則不會建立任何 Principal 和 Identity 物件,且會在呼叫 PrivateInfo 方法時擲回安全性例外狀況。如果目前的執行緒與名為 MyUser 且角色為 Administrator 的當事人關聯,則會出現下列訊息。
You have access to the private data!