IsolatedStorageContainment 枚举

定义

指定独立存储区所允许的用途。Specifies the permitted use of isolated storage.

public enum class IsolatedStorageContainment
[System.Runtime.InteropServices.ComVisible(true)]
[System.Serializable]
public enum IsolatedStorageContainment
type IsolatedStorageContainment = 
Public Enum IsolatedStorageContainment
继承
IsolatedStorageContainment
属性

字段

AdministerIsolatedStorageByUser 112

对用户存储区的无限制的管理能力。Unlimited administration ability for the user store. 允许浏览和删除整个用户存储区,但除用户自己的域/程序集标识外,不允许进行读访问。Allows browsing and deletion of the entire user store, but not read access other than the user's own domain/assembly identity.

ApplicationIsolationByMachine 69

存储首先按计算机隔离,然后按应用程序隔离。Storage is isolated first by computer and then by application. 这为在任何域上下文中均可访问的应用程序提供了数据存储区。This provides a data store for the application that is accessible in any domain context. 基于应用程序的数据隔离舱需要额外的信任,原因是数据隔离舱可能会在应用程序之间提供“隧道”,从而危及特定网站中应用程序的数据隔离。The per-application data compartment requires additional trust because it potentially provides a "tunnel" between applications that could compromise the data isolation of applications in particular Web sites.

ApplicationIsolationByRoamingUser 101

存储首先按用户隔离,然后按应用程序证据隔离。Storage is isolated first by user and then by application evidence. 当启用 Windows 用户数据漫游时,存储将漫游。Storage will roam if Windows user data roaming is enabled. 这为在任何域上下文中均可访问的应用程序提供了数据存储区。This provides a data store for the application that is accessible in any domain context. 基于应用程序的数据隔离舱需要额外的信任,原因是数据隔离舱可能会在应用程序之间提供“隧道”,从而危及特定网站中应用程序的数据隔离。The per-application data compartment requires additional trust because it potentially provides a "tunnel" between applications that could compromise the data isolation of applications in particular Web sites.

ApplicationIsolationByUser 21

存储首先按用户隔离,然后按应用程序隔离。Storage is isolated first by user and then by application. 存储也被计算机隔离。Storage is also isolated by computer. 这为在任何域上下文中均可访问的应用程序提供了数据存储区。This provides a data store for the application that is accessible in any domain context. 基于应用程序的数据隔离舱需要额外的信任,原因是数据隔离舱可能会在应用程序之间提供“隧道”,从而危及特定网站中应用程序的数据隔离。The per-application data compartment requires additional trust because it potentially provides a "tunnel" between applications that could compromise the data isolation of applications in particular Web sites.

AssemblyIsolationByMachine 64

存储首先按计算机隔离,然后按代码程序集隔离。Storage is isolated first by computer and then by code assembly. 这为在任何域上下文中都可访问的程序集提供了数据存储区。This provides a data store for the assembly that is accessible in any domain context. 基于程序集的数据室需要额外的信任,因为它可能在应用程序之间提供“隧道”,该隧道会危及特定网站中应用程序的数据隔离。The per-assembly data compartment requires additional trust because it potentially provides a "tunnel" between applications that could compromise the data isolation of applications in particular Web sites.

AssemblyIsolationByRoamingUser 96

存储首先按用户隔离,然后按程序集证据隔离。Storage is isolated first by user and then by assembly evidence. 当启用 Windows 用户数据漫游时,存储将漫游。Storage will roam if Windows user data roaming is enabled. 这为在任何域上下文中都可访问的程序集提供了数据存储区。This provides a data store for the assembly that is accessible in any domain context. 基于程序集的数据室需要额外的信任,因为它可能在应用程序之间提供“隧道”,该隧道会危及特定网站中应用程序的数据隔离。The per-assembly data compartment requires additional trust because it potentially provides a "tunnel" between applications that could compromise the data isolation of applications in particular Web sites.

AssemblyIsolationByUser 32

存储首先按用户隔离,然后按代码程序集隔离。Storage is isolated first by user and then by code assembly. 存储也被计算机隔离。Storage is also isolated by computer. 这为在任何域上下文中都可访问的程序集提供了数据存储区。This provides a data store for the assembly that is accessible in any domain context. 基于程序集的数据室需要额外的信任,因为它可能在应用程序之间提供“隧道”,该隧道会危及特定网站中应用程序的数据隔离。The per-assembly data compartment requires additional trust because it potentially provides a "tunnel" between applications that could compromise the data isolation of applications in particular Web sites.

DomainIsolationByMachine 48

存储首先按计算机隔离,然后按域和程序集隔离。Storage is isolated first by computer and then by domain and assembly. 只有在相同应用程序的上下文内并且仅在相同的计算机上运行时,才可访问数据。Data can only be accessed within the context of the same application and only when run on the same computer. 这在第三方程序集想要保留私有数据存储区时很有用。This is helpful when a third-party assembly wants to keep a private data store.

DomainIsolationByRoamingUser 80

存储首先按用户隔离,然后按域和程序集隔离。Storage is isolated first by user and then by domain and assembly. 当启用 Windows 用户数据漫游时,存储将漫游。Storage will roam if Windows user data roaming is enabled. 只有在相同应用程序的上下文内并且仅由相同用户运行时,才可访问数据。Data can only be accessed within the context of the same application and only when run by the same user. 这在第三方程序集想要保留私有数据存储区时很有用。This is helpful when a third-party assembly wants to keep a private data store.

DomainIsolationByUser 16

存储首先按用户隔离,然后按域和程序集隔离。Storage is isolated first by user and then by domain and assembly. 存储也被计算机隔离。Storage is also isolated by computer. 只有在相同应用程序的上下文内并且仅由相同用户运行时,才可访问数据。Data can only be accessed within the context of the same application and only when run by the same user. 这在第三方程序集想要保留私有数据存储区时很有用。This is helpful when a third-party assembly wants to keep a private data store.

None 0

不允许使用独立存储。Use of isolated storage is not allowed.

UnrestrictedIsolatedStorage 240

允许在没有任何限制的情况下使用独立存储。Use of isolated storage is allowed without restriction. 代码对用户存储区的任何部分均有完全访问权限,而不管域或程序集的标识如何。Code has full access to any part of the user store, regardless of the identity of the domain or assembly. 独立存储的这种使用允许对独立存储数据存储区中的内容进行枚举。This use of isolated storage includes the ability to enumerate the contents of the isolated storage data store.

示例

此示例演示如何告知 CLR 此程序集中的代码需要IsolatedStoragePermission , 还演示如何在独立存储中进行写入和读取操作。This example shows how to tell the CLR that code in this assembly requires the IsolatedStoragePermission and also demonstrates how to write and read from isolated storage.

using namespace System;
using namespace System::Security;
using namespace System::Security::Permissions;
using namespace System::IO::IsolatedStorage;
using namespace System::IO;


static void WriteIsolatedStorage()
{
    try
    {
        // Attempt to create a storage file that is isolated by
        // user and assembly. IsolatedStorageFilePermission
        // granted to the attribute at the top of this file
        // allows CLR to load this assembly and execution of this
        // statement.
        Stream^ fileCreateStream = gcnew
            IsolatedStorageFileStream(
            "AssemblyData",
            FileMode::Create,
            IsolatedStorageFile::GetUserStoreForAssembly());

        StreamWriter^ streamWriter = gcnew StreamWriter(
            fileCreateStream);
        try
        {
            // Write some data out to the isolated file.

            streamWriter->Write("This is some test data.");
            streamWriter->Close();	
        }
        finally
        {
            delete fileCreateStream;
            delete streamWriter;
        } 
    }
    catch (IOException^ ex)
    {
        Console::WriteLine(ex->Message);
    }

    try
    {
        Stream^ fileOpenStream =
            gcnew IsolatedStorageFileStream(
            "AssemblyData",
            FileMode::Open,
            IsolatedStorageFile::GetUserStoreForAssembly());
        // Attempt to open the file that was previously created.

        StreamReader^ streamReader = gcnew StreamReader(
            fileOpenStream);
        try
        { 
            // Read the data from the file and display it.

            Console::WriteLine(streamReader->ReadLine());
            streamReader->Close();
        }
        finally
        {
            delete fileOpenStream;
            delete streamReader;
        }
    }
    catch (FileNotFoundException^ ex)
    {
        Console::WriteLine(ex->Message);
    }
    catch (IOException^ ex)
    {
        Console::WriteLine(ex->Message);
    }
}
// Notify the CLR to only grant IsolatedStorageFilePermission to called methods. 
// This restricts the called methods to working only with storage files that are isolated 
// by user and assembly.
[IsolatedStorageFilePermission(SecurityAction::PermitOnly, UsageAllowed = IsolatedStorageContainment::AssemblyIsolationByUser)]
int main()
{
    WriteIsolatedStorage();
}

// This code produces the following output.
//
//  This is some test data.
using System;
using System.Security.Permissions;
using System.IO.IsolatedStorage;
using System.IO;

// Notify the CLR to only grant IsolatedStorageFilePermission to called methods. 
// This restricts the called methods to working only with storage files that are isolated 
// by user and assembly.
[IsolatedStorageFilePermission(SecurityAction.PermitOnly, UsageAllowed = IsolatedStorageContainment.AssemblyIsolationByUser)]
public sealed class App
{
    static void Main()
    {
        WriteIsolatedStorage();

    }
    private static void WriteIsolatedStorage()
    {
        // Attempt to create a storage file that is isolated by user and assembly.
        // IsolatedStorageFilePermission granted to the attribute at the top of this file 
        // allows CLR to load this assembly and execution of this statement.
        using (Stream s = new IsolatedStorageFileStream("AssemblyData", FileMode.Create, IsolatedStorageFile.GetUserStoreForAssembly()))
        {

            // Write some data out to the isolated file.
            using (StreamWriter sw = new StreamWriter(s))
            {
                sw.Write("This is some test data.");
            }
        }

        // Attempt to open the file that was previously created.
        using (Stream s = new IsolatedStorageFileStream("AssemblyData", FileMode.Open, IsolatedStorageFile.GetUserStoreForAssembly()))
        {
            // Read the data from the file and display it.
            using (StreamReader sr = new StreamReader(s))
            {
                Console.WriteLine(sr.ReadLine());
            }
        }
    }
}

// This code produces the following output.
//
//  Some test data.
Option Strict On
Imports System.Security.Permissions
Imports System.IO.IsolatedStorage
Imports System.IO


' Notify the CLR to only grant IsolatedStorageFilePermission to called methods. 
' This restricts the called methods to working only with storage files that are isolated 
' by user and assembly.
<IsolatedStorageFilePermission(SecurityAction.PermitOnly, UsageAllowed:=IsolatedStorageContainment.AssemblyIsolationByUser)> _
Public NotInheritable Class App

    Shared Sub Main()
        WriteIsolatedStorage()
    End Sub
    Shared Sub WriteIsolatedStorage()
        ' Attempt to create a storage file that is isolated by user and assembly.
        ' IsolatedStorageFilePermission granted to the attribute at the top of this file 
        ' allows CLR to load this assembly and execution of this statement.
        Dim s As New IsolatedStorageFileStream("AssemblyData", FileMode.Create, IsolatedStorageFile.GetUserStoreForAssembly())
        Try

            ' Write some data out to the isolated file.
            Dim sw As New StreamWriter(s)
            Try
                sw.Write("This is some test data.")
            Finally
                sw.Dispose()
            End Try
        Finally
            s.Dispose()
        End Try

        ' Attempt to open the file that was previously created.
        Dim t As New IsolatedStorageFileStream("AssemblyData", FileMode.Open, IsolatedStorageFile.GetUserStoreForAssembly())
        Try
            ' Read the data from the file and display it.
            Dim sr As New StreamReader(t)
            Try
                Console.WriteLine(sr.ReadLine())
            Finally
                sr.Dispose()
            End Try
        Finally
            t.Dispose()
        End Try

    End Sub
End Class

' This code produces the following output.
'
'  Some test data.

注解

独立存储使用证据来确定用于应用程序或组件的唯一存储区域。Isolated storage uses evidence to determine a unique storage area for use by an application or component. 程序集的标识唯一确定虚拟文件系统的根, 以供该程序集使用。The identity of an assembly uniquely determines the root of a virtual file system for use by that assembly. 因此, 其中每个应用程序和组件共享公共资源 (例如文件系统或注册表), 而每个都有其自己的文件区, 并将其本身分配给它。Thus, rather than many applications and components sharing a common resource such as the file system or registry, each has its own file area inherently assigned to it.

分配独立存储时使用四个基本隔离范围:Four basic isolation scopes are used when assigning isolated storage:

  • User-始终根据当前用户确定代码的作用域。User - Code is always scoped according to the current user. 其他用户运行时, 同一程序集将接收不同的存储区。The same assembly will receive different stores when being run by different users.

  • Machine-代码始终根据计算机进行作用域。Machine - Code is always scoped according to the machine. 同一程序集在由同一台计算机上的不同用户运行时, 将接收相同的存储。The same assembly will receive the same stores when being run by different users on the same machine.

  • Assembly-按发布者 (例如, 按公钥)、按 URL (例如http://www.fourthcoffee.com/process/grind.htm),、按站点或按区域) 对代码进行了加密, 按强名称 (例如, microsoft. * 或 microsoft。Assembly - Code is identified cryptographically by strong name (for example, Microsoft.Office.* or Microsoft.Office.Word), by publisher (based on public key), by URL (for example, http://www.fourthcoffee.com/process/grind.htm), by site, or by zone.

  • Domain-根据与应用程序域关联的证据标识代码。Domain - Code is identified based on evidence associated with the application domain. Web 应用程序标识派生自网站的 URL, 或由网页的 URL、站点或区域派生。Web application identity is derived from the site's URL, or by the Web page's URL, site, or zone. 本地代码标识基于应用程序目录路径。Local code identity is based on the application directory path.

对于 URL、站点和区域的定义, 请参阅UrlIdentityPermissionSiteIdentityPermissionZoneIdentityPermissionFor definitions of URL, site, and zone, see UrlIdentityPermission, SiteIdentityPermission, and ZoneIdentityPermission.

这些标识组合在一起, 在这种情况下, 将逐个应用标识, 直到创建了所需的独立存储。These identities are grouped together, in which case the identities are applied one after another until the desired isolated storage is created. 有效分组为 User + Assembly 和 User + Assembly + Domain。The valid groupings are User+Assembly and User+Assembly+Domain. 这种标识分组在许多不同的应用程序中非常有用。This grouping of identities is useful in many different applications.

如果数据由域、用户和程序集存储, 则数据是专用的, 因为只有该程序集中的代码才能访问数据。If data is stored by domain, user, and assembly, the data is private in that only code in that assembly can access the data. 数据存储区也由它在其中运行的应用程序隔离, 因此, 该程序集不会通过向其他应用程序公开数据来表示潜在的泄漏。The data store is also isolated by the application in which it runs, so that the assembly does not represent a potential leak by exposing data to other applications.

按程序集和用户隔离可用于应用于多个应用程序的用户数据;例如, 许可证信息或独立于应用程序的用户个人信息 (名称、身份验证凭据等)。Isolation by assembly and user could be used for user data that applies across multiple applications; for example, license information, or a user's personal information (name, authentication credentials, and so on) that is independent of an application.

IsolatedStorageContainment公开一些标志, 这些标志确定是否允许应用程序使用独立存储, 如果存在, 则允许使用哪些标识组合。IsolatedStorageContainment exposes flags that determine whether an application is allowed to use isolated storage and, if so, which identity combinations are allowed to use it. 它还确定是否允许应用程序将信息存储在可与用户漫游的位置中 (必须配置 Windows 漫游用户配置文件或文件夹重定向)。It also determines whether an application is allowed to store information in a location that can roam with a user (Windows Roaming User Profiles or Folder Redirection must be configured).

适用于

另请参阅