AllowPartiallyTrustedCallersAttribute 类

定义

允许由部分信任的代码调用程序集。Allows an assembly to be called by partially trusted code. 如果没有此声明,则只有完全信任的调用方才可以使用此程序集。Without this declaration, only fully trusted callers are able to use the assembly. 此类不能被继承。This class cannot be inherited.

public ref class AllowPartiallyTrustedCallersAttribute sealed : Attribute
[System.AttributeUsage(System.AttributeTargets.Assembly, AllowMultiple=false, Inherited=false)]
[System.Runtime.InteropServices.ComVisible(true)]
public sealed class AllowPartiallyTrustedCallersAttribute : Attribute
type AllowPartiallyTrustedCallersAttribute = class
    inherit Attribute
Public NotInheritable Class AllowPartiallyTrustedCallersAttribute
Inherits Attribute
继承
AllowPartiallyTrustedCallersAttribute
属性

示例

下面的示例演示如何使用 AllowPartiallyTrustedCallersAttribute 类。The following example shows how to use the AllowPartiallyTrustedCallersAttribute class.

// The following HTML code can be used to call the user control in this sample.
//
//  <OBJECT id="usercontrol" classid="usercontrol.dll#UserControl.UserControl1" width="800"
//  height="300" style="font-size:12;">
// To run this test control you must create a strong name key, snkey.snk, and
// a code group that gives full trust to assemblies signed with snkey.snk.
// The user control displays an OpenFileDialog box, then displays a text box containing the name of
// the file selected and a list box that displays the contents of the file.  The selected file must
// contain text in order for the control to display the data properly.
// Caution  This sample demonstrates the use of the Assert method.  Calling Assert removes the
// requirement that all code in the call chain must be granted permission to access the specified
// resource, it can open up security vulnerabilities if used incorrectly or inappropriately. Therefore,
// it should be used with great caution.  Assert should always be followed with a RevertAssert
// command to restore the security settings.
#using <System.Windows.Forms.dll>
#using <System.Data.dll>
#using <System.Drawing.dll>
#using <System.dll>

using namespace System;
using namespace System::Collections;
using namespace System::ComponentModel;
using namespace System::Drawing;
using namespace System::Data;
using namespace System::Windows::Forms;
using namespace System::IO;
using namespace System::Security;
using namespace System::Security::Permissions;
using namespace System::Reflection;
using namespace System::Runtime::CompilerServices;

// This strong name key is used to create a code group that gives permissions to this assembly.
// The AllowPartiallyTrustedCallersAttribute requires the assembly to be signed with a strong name key.
// This attribute is necessary since the control is called by either an intranet or Internet
// Web page that should be running under restricted permissions.
// The userControl1 displays an OpenFileDialog box, then displays a text box containing the name of 
// the file selected and a list box that displays the contents of the file.  The selected file must 
// contain text in order for the control to display the data properly.

[assembly:AssemblyKeyFile("snKey.snk")];
[assembly:AssemblyVersion("1.0.0.0")];
[assembly:AllowPartiallyTrustedCallers];
public ref class UserControl1: public System::Windows::Forms::UserControl
{
private:
   System::Windows::Forms::TextBox^ textBox1;
   System::Windows::Forms::ListBox^ listBox1;

   // Required designer variable.
   System::ComponentModel::Container^ components;

public:
// Demand the zone requirement for the calling application.
[ZoneIdentityPermission(SecurityAction::Demand, Zone = SecurityZone::Intranet)]
   UserControl1()
   {
      
      // This call is required by the Windows.Forms Form Designer.
      InitializeComponent();
      
      // The OpenFileDialog box should not require any special permissions.
      OpenFileDialog^ fileDialog = gcnew OpenFileDialog;
      if ( fileDialog->ShowDialog() == DialogResult::OK )
      {
         
         // Reading the name of the selected file from the OpenFileDialog box
         // and reading the file requires FileIOPermission.  The user control should 
         // have this permission granted through its code group; the Web page that calls the 
         // control should not have this permission.  The Assert command prevents a stack walk 
         // that would fail because the caller does not have the required FileIOPermission.  
         // The use of Assert can open up security vulnerabilities if used incorrectly or 
         // inappropriately. Therefore, it should be used with great caution.
         // The Assert command should be followed by a RevertAssert as soon as the file operation 
         // is completed.
         (gcnew FileIOPermission( PermissionState::Unrestricted ))->Assert();
         textBox1->Text = fileDialog->FileName;

         // Display the contents of the file in the text box.
         FileStream^ fsIn = gcnew FileStream( textBox1->Text,FileMode::Open,FileAccess::Read,FileShare::Read );
         StreamReader^ sr = gcnew StreamReader( fsIn );
         
         // Process every line in the file
         for ( String ^ Line = sr->ReadLine(); Line != nullptr; Line = sr->ReadLine() )
         {
            listBox1->Items->Add( Line );

         }

         // file operations.
         FileIOPermission::RevertAssert();
      }
   }

private:

   /// <summary>
   /// Required method for Designer support - do not modify 
   /// the contents of this method with the code editor.
   /// </summary>
   void InitializeComponent()
   {
      this->textBox1 = gcnew System::Windows::Forms::TextBox;
      this->listBox1 = gcnew System::Windows::Forms::ListBox;
      this->SuspendLayout();
      
      // 
      // textBox1
      // 
      this->textBox1->Location = System::Drawing::Point( 208, 112 );
      this->textBox1->Name = "textBox1";
      this->textBox1->Size = System::Drawing::Size( 320, 20 );
      this->textBox1->TabIndex = 0;
      this->textBox1->Text = "textBox1";
      this->textBox1->TextChanged += gcnew System::EventHandler( this,&UserControl1::textBox1_TextChanged );
      
      // 
      // listBox1
      // 
      this->listBox1->Location = System::Drawing::Point( 200, 184 );
      this->listBox1->Name = "listBox1";
      this->listBox1->Size = System::Drawing::Size( 336, 108 );
      this->listBox1->TabIndex = 1;
      
      // 
      // UserControl1
      // 
      this->Controls->Add( this->listBox1 );
      this->Controls->Add( this->textBox1 );
      this->Name = "UserControl1";
      this->Size = System::Drawing::Size( 592, 400 );
      this->Load += gcnew System::EventHandler( this,&UserControl1::UserControl1_Load );
      this->ResumeLayout( false );
   }

   void UserControl1_Load( Object^ /*sender*/, System::EventArgs^ /*e*/ ){}

   void textBox1_TextChanged( Object^ /*sender*/, System::EventArgs^ /*e*/ ){}

};

// The following HTML code can be used to call the user control in this sample.
//
//		<OBJECT id="usercontrol" classid="usercontrol.dll#UserControl.UserControl1" width="800"
//		height="300" style="font-size:12;">

// To run this test control you must create a strong name key, snkey.snk, and 
// a code group that gives full trust to assemblies signed with snkey.snk.

// The user control displays an OpenFileDialog box, then displays a text box containing the name of 
// the file selected and a list box that displays the contents of the file.  The selected file must 
// contain text in order for the control to display the data properly.

// Caution  This sample demonstrates the use of the Assert method.  Calling Assert removes the 
// requirement that all code in the call chain must be granted permission to access the specified 
// resource, it can open up security vulnerabilities if used incorrectly or inappropriately. Therefore, 
// it should be used with great caution.  Assert should always be followed with a RevertAssert 
// command to restore the security settings.


using System;
using System.Collections;
using System.ComponentModel;
using System.Drawing;
using System.Data;
using System.Windows.Forms;
using System.IO;
using System.Security;
using System.Security.Permissions;
using System.Reflection;
using System.Runtime.CompilerServices;

// This strong name key is used to create a code group that gives permissions to this assembly.
[assembly: AssemblyKeyFile("snKey.snk")]
[assembly: AssemblyVersion("1.0.0.0")]

// The AllowPartiallyTrustedCallersAttribute requires the assembly to be signed with a strong name key.
// This attribute is necessary since the control is called by either an intranet or Internet
// Web page that should be running under restricted permissions.
[assembly:AllowPartiallyTrustedCallers]
namespace UserControl
{
    // The userControl1 displays an OpenFileDialog box, then displays a text box containing the name of 
    // the file selected and a list box that displays the contents of the file.  The selected file must 
    // contain text in order for the control to display the data properly.
    public class UserControl1 : System.Windows.Forms.UserControl
    {
        private System.Windows.Forms.TextBox textBox1;
        private System.Windows.Forms.ListBox listBox1;
        // Required designer variable.
        private System.ComponentModel.Container components = null;

              // Demand the zone requirement for the calling application.
              [ZoneIdentityPermission(SecurityAction.Demand, Zone = SecurityZone.Intranet)]
        public UserControl1()
        {
            // This call is required by the Windows.Forms Form Designer.
            InitializeComponent();

            // The OpenFileDialog box should not require any special permissions.
            OpenFileDialog fileDialog = new OpenFileDialog();
            if(fileDialog.ShowDialog() == DialogResult.OK)
            {
                // Reading the name of the selected file from the OpenFileDialog box
                // and reading the file requires FileIOPermission.  The user control should 
                // have this permission granted through its code group; the Web page that calls the 
                // control should not have this permission.  The Assert command prevents a stack walk 
                // that would fail because the caller does not have the required FileIOPermission.  
                // The use of Assert can open up security vulnerabilities if used incorrectly or 
                // inappropriately. Therefore, it should be used with great caution.
                // The Assert command should be followed by a RevertAssert as soon as the file operation 
                // is completed.
                new FileIOPermission(PermissionState.Unrestricted).Assert();
                textBox1.Text = fileDialog.FileName;
                // Display the contents of the file in the text box.
                FileStream fsIn = new FileStream(textBox1.Text, FileMode.Open, FileAccess.Read, 
                    FileShare.Read);
                StreamReader sr = new StreamReader(fsIn);
            
                // Process every line in the file
                for (String Line = sr.ReadLine(); Line != null; Line = sr.ReadLine()) 
                {
                    listBox1.Items.Add(Line);
                }
                // It is very important to call RevertAssert to restore the stack walk for
                // file operations.
                FileIOPermission.RevertAssert();
            }

        }

        // Clean up any resources being used.
        protected override void Dispose( bool disposing )
        {
            if( disposing )
            {
                if( components != null )
                    components.Dispose();
            }
            base.Dispose( disposing );
        }

        #region Component Designer generated code
        /// <summary>
        /// Required method for Designer support - do not modify 
        /// the contents of this method with the code editor.
        /// </summary>
        private void InitializeComponent()
        {
            this.textBox1 = new System.Windows.Forms.TextBox();
            this.listBox1 = new System.Windows.Forms.ListBox();
            this.SuspendLayout();
            // 
            // textBox1
            // 
            this.textBox1.Location = new System.Drawing.Point(208, 112);
            this.textBox1.Name = "textBox1";
            this.textBox1.Size = new System.Drawing.Size(320, 20);
            this.textBox1.TabIndex = 0;
            this.textBox1.Text = "textBox1";
            this.textBox1.TextChanged += new System.EventHandler(this.textBox1_TextChanged);
            // 
            // listBox1
            // 
            this.listBox1.Location = new System.Drawing.Point(200, 184);
            this.listBox1.Name = "listBox1";
            this.listBox1.Size = new System.Drawing.Size(336, 108);
            this.listBox1.TabIndex = 1;
            // 
            // UserControl1
            // 
            this.Controls.Add(this.listBox1);
            this.Controls.Add(this.textBox1);
            this.Name = "UserControl1";
            this.Size = new System.Drawing.Size(592, 400);
            this.Load += new System.EventHandler(this.UserControl1_Load);
            this.ResumeLayout(false);

        }
        #endregion

        private void UserControl1_Load(object sender, System.EventArgs e)
        {
        
        }

        private void textBox1_TextChanged(object sender, System.EventArgs e)
        {
        
        }


    }
}
' The following HTML code can be used to call the user control in this sample.
'
'		<OBJECT id="usercontrol" classid="usercontrol.dll#UserControl.UserControl1" width="800"
'		height="300" style="font-size:12;">
' To run this test control you must create a strong name key, snkey.snk, and 
' a code group that gives full trust to assemblies signed with snkey.snk.
' The user control displays an OpenFileDialog box, then displays a text box containing the name of 
' the file selected and a list box that displays the contents of the file.  The selected file must 
' contain text in order for the control to display the data properly.
' Caution  This sample demonstrates the use of the Assert method.  Calling Assert removes the 
' requirement that all code in the call chain must be granted permission to access the specified 
' resource, it can open up security vulnerabilities if used incorrectly or inappropriately. Therefore, 
' it should be used with great caution.  Assert should always be followed with a RevertAssert 
' command to restore the security settings.

Imports System.Collections
Imports System.ComponentModel
Imports System.Drawing
Imports System.Data
Imports System.Windows.Forms
Imports System.IO
Imports System.Security
Imports System.Security.Permissions
Imports System.Reflection
Imports System.Runtime.CompilerServices

' This strong name key is used to create a code group that gives permissions to this assembly.

<Assembly: AssemblyKeyFile("snKey.snk")> 

<Assembly: AssemblyVersion("1.0.0.0")> 
' The AllowPartiallyTrustedCallersAttribute requires the assembly to be signed with a strong name key.
' This attribute is necessary since the control is called by either an intranet or Internet
' Web page that should be running under restricted permissions.

<Assembly: AllowPartiallyTrustedCallers()> 

' The userControl1 displays an OpenFileDialog box, then displays a text box containing the name of 
' the file selected and a list box that displays the contents of the file.  The selected file must 
' contain text in order for the control to display the data properly.

'Demand the zone requirement for the calling application.
<ZoneIdentityPermissionAttribute(SecurityAction.Demand, Zone:=SecurityZone.Intranet)> _
Public Class UserControl1
    Inherits System.Windows.Forms.UserControl
    Private WithEvents textBox1 As System.Windows.Forms.TextBox
    Private listBox1 As System.Windows.Forms.ListBox
    ' Required designer variable.
    Private components As System.ComponentModel.Container = Nothing


    Public Sub New()
        ' This call is required by the Windows.Forms Form Designer.
        InitializeComponent()

        ' The OpenFileDialog box should not require any special permissions.
        Dim fileDialog As New OpenFileDialog
        If fileDialog.ShowDialog() = DialogResult.OK Then
            ' Reading the name of the selected file from the OpenFileDialog box
            ' and reading the file requires FileIOPermission.  The user control should 
            ' have this permission granted through its code group; the Web page that calls the 
            ' control should not have this permission.  The Assert command prevents a stack walk 
            ' that would fail because the caller does not have the required FileIOPermission.  
            ' The use of Assert can open up security vulnerabilities if used incorrectly or 
            ' inappropriately. Therefore, it should be used with great caution.
            ' The Assert command should be followed by a RevertAssert as soon as the file operation 
            ' is completed.
            Dim fileIOPermission As New FileIOPermission(PermissionState.Unrestricted)
            fileIOPermission.Assert()
            textBox1.Text = fileDialog.FileName
            ' Display the contents of the file in the text box.
            Dim fsIn As New FileStream(textBox1.Text, FileMode.Open, FileAccess.Read, FileShare.Read)
            Dim sr As New StreamReader(fsIn)

            ' Process every line in the file
            Dim Line As String
            Line = sr.ReadLine()
            While Not (Line Is Nothing)
                listBox1.Items.Add(Line)
                Line = sr.ReadLine()
            End While
            ' It is very important to call RevertAssert to restore the stack walk for
            ' file operations.
            fileIOPermission.RevertAssert()
        End If
    End Sub


    ' Clean up any resources being used.
    Protected Overloads Sub Dispose(ByVal disposing As Boolean)
        If disposing Then
            If Not (components Is Nothing) Then
                components.Dispose()
            End If
        End If
        MyBase.Dispose(disposing)
    End Sub


    ' Required method for Designer support - do not modify 
    ' the contents of this method with the code editor.
    Private Sub InitializeComponent()
        Me.textBox1 = New System.Windows.Forms.TextBox
        Me.listBox1 = New System.Windows.Forms.ListBox
        Me.SuspendLayout()
        ' 
        ' textBox1
        ' 
        Me.textBox1.Location = New System.Drawing.Point(208, 112)
        Me.textBox1.Name = "textBox1"
        Me.textBox1.Size = New System.Drawing.Size(320, 20)
        Me.textBox1.TabIndex = 0
        Me.textBox1.Text = "textBox1"
        ' 
        ' listBox1
        ' 
        Me.listBox1.Location = New System.Drawing.Point(200, 184)
        Me.listBox1.Name = "listBox1"
        Me.listBox1.Size = New System.Drawing.Size(336, 108)
        Me.listBox1.TabIndex = 1
        ' 
        ' UserControl1
        ' 
        Me.Controls.Add(listBox1)
        Me.Controls.Add(textBox1)
        Me.Name = "UserControl1"
        Me.Size = New System.Drawing.Size(592, 400)
        Me.ResumeLayout(False)
    End Sub

    Private Sub UserControl1_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles MyBase.Load
    End Sub

    Private Sub textBox1_TextChanged(ByVal sender As Object, ByVal e As System.EventArgs) Handles textBox1.TextChanged
    End Sub
End Class

注解

重要

不再支持部分受信任的代码。Partially trusted code is no longer supported. 此属性在 .NET Core 中不起作用。This attribute has no effect in .NET Core.

备注

@No__t 0 引入了新的安全规则,这些规则会影响 AllowPartiallyTrustedCallersAttribute 属性的行为(请参阅安全透明代码,级别 2)。The .NET Framework 4.NET Framework 4 introduces new security rules that affect the behavior of the AllowPartiallyTrustedCallersAttribute attribute (see Security-Transparent Code, Level 2). .NET Framework 4.NET Framework 4 中,所有代码都默认为安全透明的,即部分受信任。In the .NET Framework 4.NET Framework 4, all code defaults to security-transparent, that is, partially trusted. 但是,您可以批注各个类型和成员,以将它们分配给其他透明度特性。However, you can annotate individual types and members to assign them other transparency attributes. 有关此更改以及其他安全更改,请参阅安全更改For this and other security changes, see Security Changes.

.NET Framework 版本2.0 ()程序集必须具有强名称,才能有效地使用 @no__t 0 (APTCA)特性。.NET Framework version 2.0 () assemblies must be strong-named to effectively use the AllowPartiallyTrustedCallersAttribute (APTCA) attribute. .NET Framework 4.NET Framework 4 ()程序集不必具有强名称,才能使 APTCA 属性有效,并且它们可以包含透明的安全关键代码和安全可靠关键代码。() assemblies do not have to be strong-named for the APTCA attribute to be effective, and they can contain transparent, security-critical and security-safe-critical code. 有关在程序集级别应用特性的详细信息,请参阅应用特性For more information about applying attributes at the assembly level, see Applying Attributes.

默认情况下,如果强名称程序集未在程序集级别显式应用此特性,则它只能由被授予完全信任的其他程序集调用。By default, if a strong-named, assembly does not explicitly apply this attribute at the assembly level, it can be called only by other assemblies that are granted full trust. 通过在程序集中每个可公开访问的类上的每个公共或受保护方法中放置 FullTrust 的 @no__t,可强制实施此限制。This restriction is enforced by placing a LinkDemand for FullTrust on every public or protected method on every publicly accessible class in the assembly. 旨在由部分受信任的代码调用的程序集可以通过使用 AllowPartiallyTrustedCallersAttribute 来声明它们的意图。Assemblies that are intended to be called by partially trusted code can declare their intent through the use of AllowPartiallyTrustedCallersAttribute. 中C#的声明示例 [assembly:AllowPartiallyTrustedCallers];Visual Basic 中的示例 <assembly:AllowPartiallyTrustedCallers>An example of the declaration in C# is [assembly:AllowPartiallyTrustedCallers]; an example in Visual Basic is <assembly:AllowPartiallyTrustedCallers>.

注意

此程序集级别的属性的存在会阻止将 FullTrust @ no__t 安全检查的默认行为,并使程序集可从任何其他(部分或完全受信任的)程序集调用。The presence of this assembly-level attribute prevents the default behavior of placing FullTrustLinkDemand security checks, and makes the assembly callable from any other (partially or fully trusted) assembly.

当存在 APTCA 特性时,所有其他安全检查都将按预期运行,包括任何类级或方法级别的声明性安全特性。When the APTCA attribute is present, all other security checks function as intended, including any class-level or method-level declarative security attributes that are present. 此属性仅阻止隐式的完全受信任的调用方请求。This attribute blocks only the implicit, fully trusted caller demand.

这不是声明性的安全属性,而是常规属性(它派生自 System.Attribute,而不是来自 System.Security.Permissions.SecurityAttribute)。This is not a declarative security attribute, but a regular attribute (it derives from System.Attribute, not from System.Security.Permissions.SecurityAttribute).

有关详细信息,请参阅从部分受信任的代码使用库For more information, see Using Libraries from Partially Trusted Code.

构造函数

AllowPartiallyTrustedCallersAttribute()

初始化 AllowPartiallyTrustedCallersAttribute 类的新实例。Initializes a new instance of the AllowPartiallyTrustedCallersAttribute class.

属性

PartialTrustVisibilityLevel

获取或设置用 AllowPartiallyTrustedCallersAttribute (APTCA) 特性标记的代码的默认部分信任可见性。Gets or sets the default partial trust visibility for code that is marked with the AllowPartiallyTrustedCallersAttribute (APTCA) attribute.

TypeId

在派生类中实现时,获取此 Attribute 的唯一标识符。When implemented in a derived class, gets a unique identifier for this Attribute.

(继承自 Attribute)

方法

Equals(Object)

返回一个值,该值指示此实例是否与指定的对象相等。Returns a value that indicates whether this instance is equal to a specified object.

(继承自 Attribute)
GetHashCode()

返回此实例的哈希代码。Returns the hash code for this instance.

(继承自 Attribute)
GetType()

获取当前实例的 TypeGets the Type of the current instance.

(继承自 Object)
IsDefaultAttribute()

在派生类中重写时,指示此实例的值是否是派生类的默认值。When overridden in a derived class, indicates whether the value of this instance is the default value for the derived class.

(继承自 Attribute)
Match(Object)

当在派生类中重写时,返回一个指示此实例是否等于指定对象的值。When overridden in a derived class, returns a value that indicates whether this instance equals a specified object.

(继承自 Attribute)
MemberwiseClone()

创建当前 Object 的浅表副本。Creates a shallow copy of the current Object.

(继承自 Object)
ToString()

返回表示当前对象的字符串。Returns a string that represents the current object.

(继承自 Object)

显式界面实现

_Attribute.GetIDsOfNames(Guid, IntPtr, UInt32, UInt32, IntPtr)

将一组名称映射为对应的一组调度标识符。Maps a set of names to a corresponding set of dispatch identifiers.

(继承自 Attribute)
_Attribute.GetTypeInfo(UInt32, UInt32, IntPtr)

检索对象的类型信息,然后可以使用该信息获取接口的类型信息。Retrieves the type information for an object, which can be used to get the type information for an interface.

(继承自 Attribute)
_Attribute.GetTypeInfoCount(UInt32)

检索对象提供的类型信息接口的数量(0 或 1)。Retrieves the number of type information interfaces that an object provides (either 0 or 1).

(继承自 Attribute)
_Attribute.Invoke(UInt32, Guid, UInt32, Int16, IntPtr, IntPtr, IntPtr, IntPtr)

提供对某一对象公开的属性和方法的访问。Provides access to properties and methods exposed by an object.

(继承自 Attribute)

适用于