SecurityAction SecurityAction SecurityAction SecurityAction Enum

Definition

Warnung

Diese API ist jetzt veraltet.

Gibt die Sicherheitsaktionen an, die mit deklarativer Sicherheit ausgeführt werden können.Specifies the security actions that can be performed using declarative security.

public enum class SecurityAction
[System.Runtime.InteropServices.ComVisible(true)]
[System.Obsolete("CAS support is not available with Silverlight applications.")]
[System.Serializable]
public enum SecurityAction
type SecurityAction = 
Public Enum SecurityAction
Vererbung
SecurityActionSecurityActionSecurityActionSecurityAction
Attribute

Felder

Assert Assert Assert Assert 3

Der aufrufende Code kann auf die durch das aktuelle Berechtigungsobjekt identifizierte Ressource zugreifen, selbst wenn Aufrufern einer höheren Ebene in der Aufrufliste keine Berechtigung für den Zugriff auf die Ressource erteilt wurde (siehe Verwenden der Assert-Methode).The calling code can access the resource identified by the current permission object, even if callers higher in the stack have not been granted permission to access the resource (see Using the Assert Method).

Demand Demand Demand Demand 2

Allen Aufrufern einer höheren Ebene in der Aufrufliste muss die vom aktuellen Berechtigungsobjekt angegebene Berechtigung erteilt worden sein.All callers higher in the call stack are required to have been granted the permission specified by the current permission object.

Deny Deny Deny Deny 4

Die Möglichkeit, auf die durch das aktuelle Berechtigungsobjekt angegebene Ressource zuzugreifen, wird Aufrufern auch dann verweigert, wenn ihnen die Berechtigung für den Zugriff erteilt wurde (siehe Verwenden der Deny-Methode).The ability to access the resource specified by the current permission object is denied to callers, even if they have been granted permission to access it (see Using the Deny Method).

InheritanceDemand InheritanceDemand InheritanceDemand InheritanceDemand 7

Der abgeleiteten Klasse, die die Klasse erbt oder eine Methode überschreibt, muss die angegebene Berechtigung erteilt worden sein.The derived class inheriting the class or overriding a method is required to have been granted the specified permission.

LinkDemand LinkDemand LinkDemand LinkDemand 6

Dem unmittelbaren Aufrufer muss die angegebene Berechtigung erteilt worden sein.The immediate caller is required to have been granted the specified permission. Verwenden Sie dies nicht in .NET Framework 4.NET Framework 4.Do not use in the .NET Framework 4.NET Framework 4. Verwenden Sie stattdessen für volle Vertrauenswürdigkeit SecurityCriticalAttribute und für teilweise Vertrauenswürdigkeit Demand.For full trust, use SecurityCriticalAttribute instead; for partial trust, use Demand.

PermitOnly PermitOnly PermitOnly PermitOnly 5

Nur auf die durch dieses Berechtigungsobjekt angegebenen Ressourcen kann zugegriffen werden, selbst wenn dem Code die Berechtigung für den Zugriff auf andere Ressourcen gewährt wurde.Only the resources specified by this permission object can be accessed, even if the code has been granted permission to access other resources.

RequestMinimum RequestMinimum RequestMinimum RequestMinimum 8

Die Anforderung der Mindestberechtigungen, die zum Ausführen des Codes erforderlich sind.The request for the minimum permissions required for code to run. Diese Aktion kann nur innerhalb des Gültigkeitsbereichs der Assembly verwendet werden.This action can only be used within the scope of the assembly.

RequestOptional RequestOptional RequestOptional RequestOptional 9

Die Anforderung weiterer Berechtigungen, die optional sind (zur Ausführung nicht erforderlich).The request for additional permissions that are optional (not required to run). Diese Anforderung lehnt implizit alle anderen nicht speziell angeforderten Berechtigungen ab.This request implicitly refuses all other permissions not specifically requested. Diese Aktion kann nur innerhalb des Gültigkeitsbereichs der Assembly verwendet werden.This action can only be used within the scope of the assembly.

RequestRefuse RequestRefuse RequestRefuse RequestRefuse 10

Die Anforderung, dass dem aufrufenden Code keine Berechtigungen erteilt werden, die missbraucht werden könnten.The request that permissions that might be misused will not be granted to the calling code. Diese Aktion kann nur innerhalb des Gültigkeitsbereichs der Assembly verwendet werden.This action can only be used within the scope of the assembly.

Beispiele

Dieses Beispiel zeigt, wie Sie die CLR darüber zu benachrichtigen, der Code in aufgerufenen Methoden nur IsolatedStoragePermission, und veranschaulicht, wie zum Schreiben und Lesen aus dem isolierten Speicher.This example shows how to notify the CLR that code in called methods has only IsolatedStoragePermission, and also demonstrates how to write and read from isolated storage.

using namespace System;
using namespace System::Security;
using namespace System::Security::Permissions;
using namespace System::IO::IsolatedStorage;
using namespace System::IO;


static void WriteIsolatedStorage()
{
    try
    {
        // Attempt to create a storage file that is isolated by
        // user and assembly. IsolatedStorageFilePermission
        // granted to the attribute at the top of this file
        // allows CLR to load this assembly and execution of this
        // statement.
        Stream^ fileCreateStream = gcnew
            IsolatedStorageFileStream(
            "AssemblyData",
            FileMode::Create,
            IsolatedStorageFile::GetUserStoreForAssembly());

        StreamWriter^ streamWriter = gcnew StreamWriter(
            fileCreateStream);
        try
        {
            // Write some data out to the isolated file.

            streamWriter->Write("This is some test data.");
            streamWriter->Close();	
        }
        finally
        {
            delete fileCreateStream;
            delete streamWriter;
        } 
    }
    catch (IOException^ ex)
    {
        Console::WriteLine(ex->Message);
    }

    try
    {
        Stream^ fileOpenStream =
            gcnew IsolatedStorageFileStream(
            "AssemblyData",
            FileMode::Open,
            IsolatedStorageFile::GetUserStoreForAssembly());
        // Attempt to open the file that was previously created.

        StreamReader^ streamReader = gcnew StreamReader(
            fileOpenStream);
        try
        { 
            // Read the data from the file and display it.

            Console::WriteLine(streamReader->ReadLine());
            streamReader->Close();
        }
        finally
        {
            delete fileOpenStream;
            delete streamReader;
        }
    }
    catch (FileNotFoundException^ ex)
    {
        Console::WriteLine(ex->Message);
    }
    catch (IOException^ ex)
    {
        Console::WriteLine(ex->Message);
    }
}
// Notify the CLR to only grant IsolatedStorageFilePermission to called methods. 
// This restricts the called methods to working only with storage files that are isolated 
// by user and assembly.
[IsolatedStorageFilePermission(SecurityAction::PermitOnly, UsageAllowed = IsolatedStorageContainment::AssemblyIsolationByUser)]
int main()
{
	WriteIsolatedStorage();
}

// This code produces the following output.
//
//  This is some test data.
using System;
using System.Security.Permissions;
using System.IO.IsolatedStorage;
using System.IO;

// Notify the CLR to only grant IsolatedStorageFilePermission to called methods. 
// This restricts the called methods to working only with storage files that are isolated 
// by user and assembly.
[IsolatedStorageFilePermission(SecurityAction.PermitOnly, UsageAllowed = IsolatedStorageContainment.AssemblyIsolationByUser)]
public sealed class App
{
    static void Main()
    {
        WriteIsolatedStorage();

    }
    private static void WriteIsolatedStorage()
    {
        // Attempt to create a storage file that is isolated by user and assembly.
        // IsolatedStorageFilePermission granted to the attribute at the top of this file 
        // allows CLR to load this assembly and execution of this statement.
        using (Stream s = new IsolatedStorageFileStream("AssemblyData", FileMode.Create, IsolatedStorageFile.GetUserStoreForAssembly()))
        {

            // Write some data out to the isolated file.
            using (StreamWriter sw = new StreamWriter(s))
            {
                sw.Write("This is some test data.");
            }
        }

        // Attempt to open the file that was previously created.
        using (Stream s = new IsolatedStorageFileStream("AssemblyData", FileMode.Open, IsolatedStorageFile.GetUserStoreForAssembly()))
        {
            // Read the data from the file and display it.
            using (StreamReader sr = new StreamReader(s))
            {
                Console.WriteLine(sr.ReadLine());
            }
        }
    }
}

// This code produces the following output.
//
//  Some test data.
Option Strict On
Imports System
Imports System.Security.Permissions
Imports System.IO.IsolatedStorage
Imports System.IO


' Notify the CLR to only grant IsolatedStorageFilePermission to called methods. 
' This restricts the called methods to working only with storage files that are isolated 
' by user and assembly.
<IsolatedStorageFilePermission(SecurityAction.PermitOnly, UsageAllowed:=IsolatedStorageContainment.AssemblyIsolationByUser)> _
Public NotInheritable Class App

    Shared Sub Main()
        WriteIsolatedStorage()
    End Sub 'Main
    Shared Sub WriteIsolatedStorage()
        ' Attempt to create a storage file that is isolated by user and assembly.
        ' IsolatedStorageFilePermission granted to the attribute at the top of this file 
        ' allows CLR to load this assembly and execution of this statement.
        Dim s As New IsolatedStorageFileStream("AssemblyData", FileMode.Create, IsolatedStorageFile.GetUserStoreForAssembly())
        Try

            ' Write some data out to the isolated file.
            Dim sw As New StreamWriter(s)
            Try
                sw.Write("This is some test data.")
            Finally
                sw.Dispose()
            End Try
        Finally
            s.Dispose()
        End Try

        ' Attempt to open the file that was previously created.
        Dim t As New IsolatedStorageFileStream("AssemblyData", FileMode.Open, IsolatedStorageFile.GetUserStoreForAssembly())
        Try
            ' Read the data from the file and display it.
            Dim sr As New StreamReader(t)
            Try
                Console.WriteLine(sr.ReadLine())
            Finally
                sr.Dispose()
            End Try
        Finally
            t.Dispose()
        End Try

    End Sub
End Class 'App

' This code produces the following output.
'
'  Some test data.

Hinweise

Die folgende Tabelle beschreibt die Zeit, die jede Sicherheitsaktion verwendet werden, Ort und die Ziele, die es unterstützt.The following table describes the time that each security action takes place and the targets that it supports.

Wichtig

In der .NET Framework 4.NET Framework 4, Runtime-Unterstützung wurde für das Erzwingen der berechtigungsanforderungen verweigern, RequestMinimum, RequestOptional und RequestRefuse entfernt.In the .NET Framework 4.NET Framework 4, runtime support has been removed for enforcing the Deny, RequestMinimum, RequestOptional, and RequestRefuse permission requests. Diese Anforderungen sollten nicht in Code verwendet werden, der auf .NET Framework 4.NET Framework 4 oder höher basiert.These requests should not be used in code that is based on .NET Framework 4.NET Framework 4 or later. Weitere Informationen zu diesen und anderen Änderungen finden Sie unter Sicherheitsänderungen.For more information about this and other changes, see Security Changes.

Verwenden Sie nicht LinkDemand in die .NET Framework 4.NET Framework 4.You should not use LinkDemand in the .NET Framework 4.NET Framework 4. Verwenden Sie stattdessen die SecurityCriticalAttribute zum Einschränken der Verwendung auf voll vertrauenswürdige Anwendungen, oder verwenden Sie Demand um teilweise vertrauenswürdige Aufrufer zu beschränken.Instead, use the SecurityCriticalAttribute to restrict usage to fully trusted applications, or use Demand to restrict partially trusted callers.

Deklaration von SicherheitsaktionDeclaration of security action Zeitpunkt der AktionTime of action Unterstützte ZieleTargets supported
LinkDemand (verwenden Sie nicht in der .NET Framework 4.NET Framework 4)LinkDemand (do not use in the .NET Framework 4.NET Framework 4) Just-in-Time-KompilierungJust-in-time compilation Klasse, MethodeClass, method
InheritanceDemand LadezeitLoad time Klasse, MethodeClass, method
Demand LaufzeitRun time Klasse, MethodeClass, method
Assert LaufzeitRun time Klasse, MethodeClass, method
Deny (veraltete Elemente in der .NET Framework 4.NET Framework 4)Deny (obsolete in the .NET Framework 4.NET Framework 4) LaufzeitRun time Klasse, MethodeClass, method
PermitOnly LaufzeitRun time Klasse, MethodeClass, method
RequestMinimum (veraltete Elemente in der .NET Framework 4.NET Framework 4)RequestMinimum (obsolete in the .NET Framework 4.NET Framework 4) GRANT-ZeitGrant time AssemblyAssembly
RequestOptional (veraltete Elemente in der .NET Framework 4.NET Framework 4)RequestOptional (obsolete in the .NET Framework 4.NET Framework 4) GRANT-ZeitGrant time AssemblyAssembly
RequestRefuse (veraltete Elemente in der .NET Framework 4.NET Framework 4)RequestRefuse (obsolete in the .NET Framework 4.NET Framework 4) GRANT-ZeitGrant time AssemblyAssembly

Weitere Informationen zu Attribut abzielt, finden Sie unter Attribute.For additional information about attribute targets, see Attribute.

Gilt für: