Granting/Demanding a custom permission
-
I've created a very, very simple custom CodeAccessPermission class. It basically does nothing more than override the necessary base class methods and implement IUnrestrictedPermission. In another class, I want to perform an imperative security check to ensure the caller has been granted my custom permission:
public static void ReadData() { CustomPermission MyPermission = new CustomPermission(PermissionState.Unrestricted); MyPermission.Demand(); //perform method stuff... }The problem is, I haven't done anything to specifically grant my application this permission, and when I call Demand no SecurityException is thrown. But, I want a SecurityException to be thrown since I have not explicitly granted any code that permission. Why does this happen? - Mike ------------------------- "No human being would stack books like that." - Dr. Venkman -
I've created a very, very simple custom CodeAccessPermission class. It basically does nothing more than override the necessary base class methods and implement IUnrestrictedPermission. In another class, I want to perform an imperative security check to ensure the caller has been granted my custom permission:
public static void ReadData() { CustomPermission MyPermission = new CustomPermission(PermissionState.Unrestricted); MyPermission.Demand(); //perform method stuff... }The problem is, I haven't done anything to specifically grant my application this permission, and when I call Demand no SecurityException is thrown. But, I want a SecurityException to be thrown since I have not explicitly granted any code that permission. Why does this happen? - Mike ------------------------- "No human being would stack books like that." - Dr. VenkmanYou've hopefully already read this, but be sure you're familiar with the content described in Creating Your Own Code Access Permissions[^] in the .NET Framework SDK. Also be sure that your permission class is installed into the GAC and granted FullTrust permissions, as is documented (and for reasons that should be obvious). If your application is granted FullTrust permissions, than it really doesn't matter what permissions you demand - they will all succeed. Also, make sure that any callers higher in the stack haven't asserted that permissions (if they have it, they can grant it for children).
Microsoft MVP, Visual C# My Articles
-
You've hopefully already read this, but be sure you're familiar with the content described in Creating Your Own Code Access Permissions[^] in the .NET Framework SDK. Also be sure that your permission class is installed into the GAC and granted FullTrust permissions, as is documented (and for reasons that should be obvious). If your application is granted FullTrust permissions, than it really doesn't matter what permissions you demand - they will all succeed. Also, make sure that any callers higher in the stack haven't asserted that permissions (if they have it, they can grant it for children).
Microsoft MVP, Visual C# My Articles
I overlooked the subtle fact that all code on the local computer gets Full Trust by default. That's all. - Mike ------------------------- "No human being would stack books like that." - Dr. Venkman