. NET Framework role-based security (3)

. NET Framework | safety | Security permissions Objects

As. NET security two important branches, role-based security and code access security are inseparable from an important concept-privilege (permissions). In role-based security, the PrincipalPermission class is used to check the user identity of the calling thread, whereas in code access security, a class derived from CodeAccessPermission is used to check the respective permissions of all threads executing the current method.

Permission objects use an existing security policy to indicate whether an operation is allowed or denied. For code access security permissions (although this does not apply to user rights), the. NET CLR provides a stack traversal mechanism to determine whether all call stack frames have the appropriate permissions. The point to note is that if the permission object is null, then we can treat it as equivalent to Permissionstate.none, stating that no permissions are provided. Permissions are often used for the following occasions:

1, define the permissions required to execute the code.

2, the system's security policy can recognize or reject the permissions requested by the code.

3, the code through the Demand method to ensure (require) the code it calls have the required permissions.

4, the code can also use the Assert,deny or PermitOnly method to skip the security stack check mechanism.

In addition, we can use a group of permissions, in the PermissionSet class we can use a variety of different sets of permissions.

Let's take a look at the most commonly used PrincipalPermission classes, as well as another common CodeAccessPermission class, which will be described in detail in the code access security later.

As one of the three interfaces implemented by the PrincipalPermission class, the IPermission interface plays an important role in the PrincipalPermission class. The IPermission interface provides the following methods:

1. Copy creates and returns the same copy of the current permission.

2, Demand if the content on the call stack does not satisfy the permission content specified by the permission object, the SecurityException is thrown at run time. This method allows the current code to not be exploited by other malicious code.

3. Intersect creates and returns a permission that is the intersection of the current permission and the specified permission.

4. IsSubsetOf determines whether the current permission is a subset of the specified permissions.

5. Union creates a permission that is the set of the current permission and the specified permission.

In the methods listed above, the demand method is the most common and important method. The demand method checks all callers of the current method to determine whether they have sufficient privileges to access a specific resource in a specified manner (the usual way to do this is to satisfy the security conditions by performing a full stack walk from the latest invocation method on the call stack. But the stack traversal is not required, Principalpermission.demand does not perform a stack traversal), if the check fails, the Demand method throws the SecurityException exception, and the Demand method returns successfully only if no exception is thrown.

The following figure shows the inheritance hierarchy of the IPermission interface:

[Imghttp://myarticle.enet.com.cn/images/200407/1090981312024.gif[/img]

And then we'll talk about the PrincipalPermission class, and here's what we need to talk about principal objects, when the PrincipalPermission class instance executes the demand method, In fact, it is to determine whether the current principal object matches a given PrincipalPermission object, and if it does not match, throw the SecurityException. In addition, the demand method can be used to force the identity validation of the principal object to pass so that it can not throw an exception and perform normal operations.

The following code snippet briefly describes how to use the PrincipalPermission object:


String user1 = "Abbott";
String role1 = "Straightman";
PrincipalPermission PrincipalPerm1 =
New PrincipalPermission (user1, role1);
String user2 = "Costello";
String role2 = "funnyman";
PrincipalPermission pp =
New PrincipalPermission (User2, role2);
Principalperm1.union (PP). Demand ();

The above code shows how to use merging two PrincipalPermission objects, and after merging, if the user is the Straightman role's Abbott or the Costello of the funnyman role, then demand will return successfully.

The above is the base class and some sample code that is needed for role-based security, and I hope you can get a glimpse of it from above. NET security of the door, can better application. NET security to develop secure programs.