SocketPermission クラス

定義

トランスポート アドレス上で接続を確立または受け入れるための権限を制御します。Controls rights to make or accept connections on a transport address.

public ref class SocketPermission sealed : System::Security::CodeAccessPermission, System::Security::Permissions::IUnrestrictedPermission
[System.Serializable]
public sealed class SocketPermission : System.Security.CodeAccessPermission, System.Security.Permissions.IUnrestrictedPermission
type SocketPermission = class
    inherit CodeAccessPermission
    interface IUnrestrictedPermission
Public NotInheritable Class SocketPermission
Inherits CodeAccessPermission
Implements IUnrestrictedPermission
継承
SocketPermission
属性
実装

次の例では、 SocketPermissionクラスを使用して、さまざまなソケットアクセス制限を設定、変更、および適用する方法を示します。The following example demonstrates how to use the SocketPermission class to set, change, and enforce various socket access restrictions.

// Creates a SocketPermission restricting access to and from all URIs.
SocketPermission^ mySocketPermission1 = gcnew SocketPermission( PermissionState::None );

// The socket to which this permission will apply will allow connections from www.contoso.com.
mySocketPermission1->AddPermission( NetworkAccess::Accept, TransportType::Tcp,  "www.contoso.com", 11000 );

// Creates a SocketPermission which will allow the target Socket to connect with www.southridgevideo.com.
SocketPermission^ mySocketPermission2 = gcnew SocketPermission( NetworkAccess::Connect,TransportType::Tcp, "www.southridgevideo.com",11002 );

// Creates a SocketPermission from the union of two SocketPermissions.
SocketPermission^ mySocketPermissionUnion =
   (SocketPermission^)( mySocketPermission1->Union( mySocketPermission2 ) );

// Checks to see if the union was successfully created by using the IsSubsetOf method.
if ( mySocketPermission1->IsSubsetOf( mySocketPermissionUnion ) &&
   mySocketPermission2->IsSubsetOf( mySocketPermissionUnion ) )
{
   Console::WriteLine(  "This union contains permissions from both mySocketPermission1 and mySocketPermission2" );
   
   // Prints the allowable accept URIs to the console.
   Console::WriteLine(  "This union accepts connections on :" );

   IEnumerator^ myEnumerator = mySocketPermissionUnion->AcceptList;
   while ( myEnumerator->MoveNext() )
   {
      Console::WriteLine( safe_cast<EndpointPermission^>( myEnumerator->Current )->ToString() );
   }
   
   // Prints the allowable connect URIs to the console.
   Console::WriteLine(  "This union permits connections to :" );

   myEnumerator = mySocketPermissionUnion->ConnectList;
   while ( myEnumerator->MoveNext() )
   {
      Console::WriteLine( safe_cast<EndpointPermission^>( myEnumerator->Current )->ToString() );
   }
}

// Creates a SocketPermission from the intersect of two SocketPermissions.
SocketPermission^ mySocketPermissionIntersect =
   (SocketPermission^)( mySocketPermission1->Intersect( mySocketPermissionUnion ) );

// mySocketPermissionIntersect should now contain the permissions of mySocketPermission1.
if ( mySocketPermission1->IsSubsetOf( mySocketPermissionIntersect ) )
{
   Console::WriteLine(  "This is expected" );
}

// mySocketPermissionIntersect should not contain the permissios of mySocketPermission2.
if ( mySocketPermission2->IsSubsetOf( mySocketPermissionIntersect ) )
{
   Console::WriteLine(  "This should not print" );
}

// Creates a copy of the intersect SocketPermission.
SocketPermission^ mySocketPermissionIntersectCopy =
   (SocketPermission^)( mySocketPermissionIntersect->Copy() );
if ( mySocketPermissionIntersectCopy->Equals( mySocketPermissionIntersect ) )
{
   Console::WriteLine(  "Copy successfull" );
}

// Converts a SocketPermission to XML format and then immediately converts it back to a SocketPermission.
mySocketPermission1->FromXml( mySocketPermission1->ToXml() );

// Checks to see if permission for this socket resource is unrestricted.  If it is, then there is no need to
// demand that permissions be enforced.
if ( mySocketPermissionUnion->IsUnrestricted() )
{
   //Do nothing.  There are no restrictions.
}
else
{
   // Enforces the permissions found in mySocketPermissionUnion on any Socket Resources used below this statement. 
   mySocketPermissionUnion->Demand();
}

IPHostEntry^ myIpHostEntry = Dns::Resolve(  "www.contoso.com" );
IPEndPoint^ myLocalEndPoint = gcnew IPEndPoint( myIpHostEntry->AddressList[ 0 ], 11000 );

Socket^ s = gcnew Socket( myLocalEndPoint->Address->AddressFamily,
   SocketType::Stream,
   ProtocolType::Tcp );
try
{
   s->Connect( myLocalEndPoint );
}
catch ( Exception^ e ) 
{
   Console::Write(  "Exception Thrown: " );
   Console::WriteLine( e->ToString() );
}

// Perform all socket operations in here.
s->Close();

     // Creates a SocketPermission restricting access to and from all URIs.
     SocketPermission mySocketPermission1 = new SocketPermission(PermissionState.None);

     // The socket to which this permission will apply will allow connections from www.contoso.com.
     mySocketPermission1.AddPermission(NetworkAccess.Accept, TransportType.Tcp, "www.contoso.com", 11000);

     // Creates a SocketPermission which will allow the target Socket to connect with www.southridgevideo.com.
     SocketPermission mySocketPermission2 =
                                new SocketPermission(NetworkAccess.Connect, TransportType.Tcp, "www.southridgevideo.com", 11002);

     // Creates a SocketPermission from the union of two SocketPermissions.
     SocketPermission mySocketPermissionUnion = 
                                (SocketPermission)mySocketPermission1.Union(mySocketPermission2);

     // Checks to see if the union was successfully created by using the IsSubsetOf method.
     if (mySocketPermission1.IsSubsetOf(mySocketPermissionUnion) && 
           mySocketPermission2.IsSubsetOf(mySocketPermissionUnion)){
          Console.WriteLine("This union contains permissions from both mySocketPermission1 and mySocketPermission2"); 

          // Prints the allowable accept URIs to the console.
          Console.WriteLine("This union accepts connections on :");

          IEnumerator myEnumerator = mySocketPermissionUnion.AcceptList;
       while (myEnumerator.MoveNext()) {
               Console.WriteLine(((EndpointPermission)myEnumerator.Current).ToString());
            }      

             // Prints the allowable connect URIs to the console.
          Console.WriteLine("This union permits connections to :");

          myEnumerator = mySocketPermissionUnion.ConnectList;
       while (myEnumerator.MoveNext()) {
               Console.WriteLine(((EndpointPermission)myEnumerator.Current).ToString());
            }      

           }


     // Creates a SocketPermission from the intersect of two SocketPermissions.
     SocketPermission mySocketPermissionIntersect = 
                               (SocketPermission)mySocketPermission1.Intersect(mySocketPermissionUnion);

     // mySocketPermissionIntersect should now contain the permissions of mySocketPermission1.
     if (mySocketPermission1.IsSubsetOf(mySocketPermissionIntersect)){
          Console.WriteLine("This is expected");
     }
    // mySocketPermissionIntersect should not contain the permissios of mySocketPermission2.
     if (mySocketPermission2.IsSubsetOf(mySocketPermissionIntersect)){
          Console.WriteLine("This should not print");
     }



// Creates a copy of the intersect SocketPermission.
     SocketPermission mySocketPermissionIntersectCopy = 
                               (SocketPermission)mySocketPermissionIntersect.Copy();

     if (mySocketPermissionIntersectCopy.Equals(mySocketPermissionIntersect)){
     Console.WriteLine("Copy successfull");
     }


     // Converts a SocketPermission to XML format and then immediately converts it back to a SocketPermission.
     mySocketPermission1.FromXml(mySocketPermission1.ToXml());
     

     // Checks to see if permission for this socket resource is unrestricted.  If it is, then there is no need to
     // demand that permissions be enforced.
     if (mySocketPermissionUnion.IsUnrestricted()){
        
          //Do nothing.  There are no restrictions.

     }
     else{
         // Enforces the permissions found in mySocketPermissionUnion on any Socket Resources used below this statement. 
         mySocketPermissionUnion.Demand();
     }

    IPHostEntry myIpHostEntry = Dns.Resolve("www.contoso.com");
    IPEndPoint myLocalEndPoint = new IPEndPoint(myIpHostEntry.AddressList[0], 11000);

       Socket s = new Socket(myLocalEndPoint.Address.AddressFamily,
                                   SocketType.Stream,
                                         ProtocolType.Tcp);
       try{
            s.Connect(myLocalEndPoint);
       }
       catch (Exception e){
            Console.WriteLine("Exception Thrown: " + e.ToString());
       } 

      // Perform all socket operations in here.
      
      s.Close();
   ' Creates a SocketPermission restricting access to and from all URIs.
   Dim mySocketPermission1 As New SocketPermission(PermissionState.None)
   
   ' The socket to which this permission will apply will allow connections from www.contoso.com.
   mySocketPermission1.AddPermission(NetworkAccess.Accept, TransportType.Tcp, "www.contoso.com", 11000)
   
   ' Creates a SocketPermission which will allow the target Socket to connect with www.southridgevideo.com.
   Dim mySocketPermission2 As New SocketPermission(NetworkAccess.Connect, TransportType.Tcp, "www.southridgevideo.com", 11002)
   
   ' Creates a SocketPermission from the union of two SocketPermissions.
   Dim mySocketPermissionUnion As SocketPermission = CType(mySocketPermission1.Union(mySocketPermission2), SocketPermission)
   
   ' Checks to see if the union was successfully created by using the IsSubsetOf method.
   If mySocketPermission1.IsSubsetOf(mySocketPermissionUnion) And mySocketPermission2.IsSubsetOf(mySocketPermissionUnion) Then
      Console.WriteLine("This union contains permissions from both mySocketPermission1 and mySocketPermission2")
      
      ' Prints the allowable accept URIs to the console.
      Console.WriteLine("This union accepts connections on :")
      
      Dim myEnumerator As IEnumerator = mySocketPermissionUnion.AcceptList
      While myEnumerator.MoveNext()
         Console.WriteLine(CType(myEnumerator.Current, EndpointPermission).ToString())
      End While
      
      Console.WriteLine("This union establishes connections on : ")
      
      ' Prints the allowable connect URIs to the console.
      Console.WriteLine("This union permits connections to :")
      
      myEnumerator = mySocketPermissionUnion.ConnectList
      While myEnumerator.MoveNext()
         Console.WriteLine(CType(myEnumerator.Current, EndpointPermission).ToString())
      End While
   End If 
   ' Creates a SocketPermission from the intersect of two SocketPermissions.
   Dim mySocketPermissionIntersect As SocketPermission = CType(mySocketPermission1.Intersect(mySocketPermissionUnion), SocketPermission)
   
   ' mySocketPermissionIntersect should now contain the permissions of mySocketPermission1.
   If mySocketPermission1.IsSubsetOf(mySocketPermissionIntersect) Then
      Console.WriteLine("This is expected")
   End If
   ' mySocketPermissionIntersect should not contain the permissios of mySocketPermission2.
   If mySocketPermission2.IsSubsetOf(mySocketPermissionIntersect) Then
      Console.WriteLine("This should not print")
   End If
   
   ' Creates a copy of the intersect SocketPermission.
   Dim mySocketPermissionIntersectCopy As SocketPermission = CType(mySocketPermissionIntersect.Copy(), SocketPermission)
   
   If mySocketPermissionIntersectCopy.Equals(mySocketPermissionIntersect) Then
      Console.WriteLine("Copy successfull")
   End If
   ' Converts a SocketPermission to XML format and then immediately converts it back to a SocketPermission.
   mySocketPermission1.FromXml(mySocketPermission1.ToXml())
   
   
   ' Checks to see if permission for this socket resource is unrestricted.  If it is, then there is no need to
   ' demand that permissions be enforced.
   If mySocketPermissionUnion.IsUnrestricted() Then
   
   'Do nothing.  There are no restrictions.
   Else
      ' Enforces the permissions found in mySocketPermissionUnion on any Socket Resources used below this statement. 
      mySocketPermissionUnion.Demand()
   End If
   
   Dim myIpHostEntry As IPHostEntry = Dns.Resolve("www.contoso.com")
   Dim myLocalEndPoint As New IPEndPoint(myIpHostEntry.AddressList(0), 11000)
   
   Dim s As New Socket(myLocalEndPoint.Address.AddressFamily, SocketType.Stream, ProtocolType.Tcp)
   Try
      s.Connect(myLocalEndPoint)
   Catch e As Exception
      Console.WriteLine(("Exception Thrown: " + e.ToString()))
   End Try
   
   ' Perform all socket operations in here.
   s.Close()
End Sub

注釈

SocketPermissionインスタンスは、接続を受け入れるか接続Socketを開始するためのアクセス許可を制御します。SocketPermission instances control permission to accept connections or initiate Socket connections. Socketアクセス許可は、ホスト名または IP アドレス、ポート番号、およびトランスポートプロトコルに対して設定できます。A Socket permission can be established for a host name or IP address, a port number, and a transport protocol.

注意

ホスト名を使用してソケットアクセス許可を作成するのは避けてください。これらの名前を IP アドレスに解決する必要があり、これによってスタックがブロックされる可能性があります。Avoid creating socket permissions using host names, as these names have to be resolved to IP addresses, and this might block the stack.

コンストラクター

SocketPermission(NetworkAccess, TransportType, String, Int32)

指定したトランスポート アドレスと指定したアクセス許可で、SocketPermission クラスの新しいインスタンスを初期化します。Initializes a new instance of the SocketPermission class for the given transport address with the specified permission.

SocketPermission(PermissionState)

SocketPermission への無制限のアクセスを許可するか、Socket へのアクセスを禁止する Socket クラスの新しいインスタンスを初期化します。Initializes a new instance of the SocketPermission class that allows unrestricted access to the Socket or disallows access to the Socket.

フィールド

AllPorts

すべてのポートを表す定数を定義します。Defines a constant that represents all ports.

プロパティ

AcceptList

このアクセス許可インスタンスの制約下で受け入れられるエンドポイントを識別する EndpointPermission インスタンスの一覧を取得します。Gets a list of EndpointPermission instances that identifies the endpoints that can be accepted under this permission instance.

ConnectList

このアクセス許可インスタンスの制約下で接続できるエンドポイントを識別する EndpointPermission インスタンスの一覧を取得します。Gets a list of EndpointPermission instances that identifies the endpoints that can be connected to under this permission instance.

メソッド

AddPermission(NetworkAccess, TransportType, String, Int32)

トランスポート アドレスのアクセス許可のセットにアクセス許可を追加します。Adds a permission to the set of permissions for a transport address.

Assert()

呼び出し側コードが、このメソッドを呼び出すコードを通じて、アクセス許可要求によって保護されているリソースにアクセス可能であるということ、それも、スタックの中で上位に位置する呼び出し側にリソースへのアクセス許可が付与されていない場合でさえそれが可能であることを宣言します。Declares that the calling code can access the resource protected by a permission demand through the code that calls this method, even if callers higher in the stack have not been granted permission to access the resource. Assert() を使用すると、セキュリティ上の問題が発生することがあります。Using Assert() can create security issues.

(継承元 CodeAccessPermission)
Copy()

SocketPermission インスタンスのコピーを作成します。Creates a copy of a SocketPermission instance.

Demand()

呼び出し履歴の上位にあるすべての呼び出し元に、現在のインスタンスによって指定されているアクセス許可が付与されていない場合、実行時に SecurityException を強制します。Forces a SecurityException at run time if all callers higher in the call stack have not been granted the permission specified by the current instance.

(継承元 CodeAccessPermission)
Deny()

呼び出し履歴内の上位の呼び出し元が、このメソッドを呼び出すコードを使用して、現在のインスタンスで指定されたリソースにアクセスしないようにします。Prevents callers higher in the call stack from using the code that calls this method to access the resource specified by the current instance.

(継承元 CodeAccessPermission)
Equals(Object)

指定した CodeAccessPermission オブジェクトが、現在の CodeAccessPermission と等しいかどうかを判断します。Determines whether the specified CodeAccessPermission object is equal to the current CodeAccessPermission.

(継承元 CodeAccessPermission)
FromXml(SecurityElement)

XML エンコーディング用の SocketPermission インスタンスを再構築します。Reconstructs a SocketPermission instance for an XML encoding.

GetHashCode()

ハッシュ アルゴリズムや、ハッシュ テーブルのようなデータ構造での使用に適している、CodeAccessPermission オブジェクトのハッシュ コードを取得します。Gets a hash code for the CodeAccessPermission object that is suitable for use in hashing algorithms and data structures such as a hash table.

(継承元 CodeAccessPermission)
GetType()

現在のインスタンスの Type を取得します。Gets the Type of the current instance.

(継承元 Object)
Intersect(IPermission)

2 つの SocketPermission インスタンス間の論理積集合を返します。Returns the logical intersection between two SocketPermission instances.

IsSubsetOf(IPermission)

現在のアクセス許可が、指定したアクセス許可のサブセットかどうかを判断します。Determines if the current permission is a subset of the specified permission.

IsUnrestricted()

オブジェクトの全般的なアクセス許可状態をチェックします。Checks the overall permission state of the object.

MemberwiseClone()

現在の Object の簡易コピーを作成します。Creates a shallow copy of the current Object.

(継承元 Object)
PermitOnly()

呼び出し履歴内の上位の呼び出し元が、このメソッドを呼び出すコードでは一切リソースにアクセスできないようにします。ただし、現在のインスタンスで指定されているリソースは例外です。Prevents callers higher in the call stack from using the code that calls this method to access all resources except for the resource specified by the current instance.

(継承元 CodeAccessPermission)
ToString()

現在のアクセス許可オブジェクトの文字列形式を作成して返します。Creates and returns a string representation of the current permission object.

(継承元 CodeAccessPermission)
ToXml()

SocketPermission インスタンスとその現在の状態を表す XML エンコーディングを作成します。Creates an XML encoding of a SocketPermission instance and its current state.

Union(IPermission)

2 つの SocketPermission インスタンス間の論理和集合を返します。Returns the logical union between two SocketPermission instances.

明示的なインターフェイスの実装

IPermission.Demand() (継承元 CodeAccessPermission)
IStackWalk.Assert() (継承元 CodeAccessPermission)
IStackWalk.Demand() (継承元 CodeAccessPermission)
IStackWalk.Deny() (継承元 CodeAccessPermission)
IStackWalk.PermitOnly() (継承元 CodeAccessPermission)

適用対象