PrincipalPermissionAttribute 类

定义

注意

Code Access Security is not supported or honored by the runtime.", DiagnosticId="SYSLIB0003", UrlFormat="https://aka.ms/dotnet-warnings/{0}

允许对要使用声明性安全应用到代码中的 PrincipalPermission 执行安全操作。Allows security actions for PrincipalPermission to be applied to code using declarative security. 此类不能被继承。This class cannot be inherited.

public ref class PrincipalPermissionAttribute sealed : System::Security::Permissions::CodeAccessSecurityAttribute
[System.AttributeUsage(System.AttributeTargets.Class | System.AttributeTargets.Method, AllowMultiple=true, Inherited=false)]
public sealed class PrincipalPermissionAttribute : System.Security.Permissions.CodeAccessSecurityAttribute
[System.AttributeUsage(System.AttributeTargets.Class | System.AttributeTargets.Method, AllowMultiple=true, Inherited=false)]
[System.Obsolete("Code Access Security is not supported or honored by the runtime.", DiagnosticId="SYSLIB0003", UrlFormat="https://aka.ms/dotnet-warnings/{0}")]
public sealed class PrincipalPermissionAttribute : System.Security.Permissions.CodeAccessSecurityAttribute
[System.AttributeUsage(System.AttributeTargets.Class | System.AttributeTargets.Method, AllowMultiple=true, Inherited=false)]
[System.Serializable]
public sealed class PrincipalPermissionAttribute : System.Security.Permissions.CodeAccessSecurityAttribute
[System.AttributeUsage(System.AttributeTargets.Class | System.AttributeTargets.Method, AllowMultiple=true, Inherited=false)]
[System.Serializable]
[System.Runtime.InteropServices.ComVisible(true)]
public sealed class PrincipalPermissionAttribute : System.Security.Permissions.CodeAccessSecurityAttribute
[<System.AttributeUsage(System.AttributeTargets.Class | System.AttributeTargets.Method, AllowMultiple=true, Inherited=false)>]
type PrincipalPermissionAttribute = class
    inherit CodeAccessSecurityAttribute
[<System.AttributeUsage(System.AttributeTargets.Class | System.AttributeTargets.Method, AllowMultiple=true, Inherited=false)>]
[<System.Obsolete("Code Access Security is not supported or honored by the runtime.", DiagnosticId="SYSLIB0003", UrlFormat="https://aka.ms/dotnet-warnings/{0}")>]
type PrincipalPermissionAttribute = class
    inherit CodeAccessSecurityAttribute
[<System.AttributeUsage(System.AttributeTargets.Class | System.AttributeTargets.Method, AllowMultiple=true, Inherited=false)>]
[<System.Serializable>]
type PrincipalPermissionAttribute = class
    inherit CodeAccessSecurityAttribute
[<System.AttributeUsage(System.AttributeTargets.Class | System.AttributeTargets.Method, AllowMultiple=true, Inherited=false)>]
[<System.Serializable>]
[<System.Runtime.InteropServices.ComVisible(true)>]
type PrincipalPermissionAttribute = class
    inherit CodeAccessSecurityAttribute
Public NotInheritable Class PrincipalPermissionAttribute
Inherits CodeAccessSecurityAttribute
继承
属性

示例

下面的示例演示如何 PrincipalPermissionAttribute 以声明方式使用类以要求当前用户是管理员。The following example demonstrates how the PrincipalPermissionAttribute class is used declaratively to demand that the current user be an administrator.

备注

在 Windows Vista 中,用户帐户控制 (UAC) 决定用户的特权。In Windows Vista, User Account Control (UAC) determines the privileges of a user. 如果您是内置的 Administrators 组的成员,将为您分配两个运行时访问令牌:一个标准用户访问令牌和一个管理员访问令牌。If you are a member of the Built-in Administrators group, you are assigned two run-time access tokens: a standard user access token and an administrator access token. 默认情况下,您拥有标准用户角色。By default, you are in the standard user role. 要执行需要管理员身份的代码,必须首先将你的特权从标准用户提升至管理员。To execute the code that requires you to be an administrator, you must first elevate your privileges from standard user to administrator. 你可以通过以下方式执行此操作:右键单击应用程序图标并指示需以管理员身份运行。You can do this when you start an application by right-clicking the application icon and indicating that you want to run as an administrator.

using namespace System;
using namespace System::Security;
using namespace System::Security::Permissions;
using namespace System::Security::Policy;
using namespace System::Security::Principal;

[PrincipalPermission(SecurityAction::Demand, Role = "Administrators")]
void CheckAdministrator()
{
    Console::WriteLine("User is an administrator.");
}
int main(array<System::String ^> ^args)
{
    try
    {
        // Must set PrincipalPolicy to WindowsPrincipal
        AppDomain::CurrentDomain->SetPrincipalPolicy(PrincipalPolicy::WindowsPrincipal);
        // Check using declarative security.
        CheckAdministrator();
        // Check using Imperative security.
        System::String^ null;
        PrincipalPermission^ principalPerm = gcnew PrincipalPermission(null, "Administrators" );
        principalPerm->Demand();
        Console::WriteLine("Demand succeeded");
    }
    catch (Exception ^e)
    {
        Console::WriteLine(e->Message);
    }
    return 0;
}


using System;
using System.Threading;
using System.Security.Permissions;
using System.Security.Principal;

class SecurityPrincipalDemo
{
    public static void Main()
    {
        try
        {
            // PrincipalPolicy must be set to WindowsPrincipal to check roles.
            AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
            // Check using the PrincipalPermissionAttribute
            CheckAdministrator();
            // Check using PrincipalPermission class.
            PrincipalPermission principalPerm = new PrincipalPermission(null, "Administrators");
            principalPerm.Demand();
            Console.WriteLine("Demand succeeded.");
        }
        catch (Exception e)
        {
            Console.WriteLine(e.Message);
        }
    }
    [PrincipalPermission(SecurityAction.Demand, Role = "Administrators")]
    static void CheckAdministrator()
    {
        Console.WriteLine("User is an administrator");
    }
}
Imports System.Threading
Imports System.Security.Permissions
Imports System.Security.Principal



Class SecurityPrincipalDemo

    Public Shared Sub Main()
        Try
            ' PrincipalPolicy must be set to WindowsPrincipal to check roles.
            AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal)
            ' Check using the PrincipalPermissionAttribute
            CheckAdministrator()
            ' Check using PrincipalPermission class.
            Dim principalPerm As New PrincipalPermission(Nothing, "Administrators")
            principalPerm.Demand()
            Console.WriteLine("Demand succeeded.")
        Catch e As Exception
            Console.WriteLine(e.Message)
        End Try

    End Sub

    <PrincipalPermission(SecurityAction.Demand, Role:="Administrators")> _
    Shared Sub CheckAdministrator()
        Console.WriteLine("User is an administrator")

    End Sub
End Class

注解

重要

不再支持部分受信任的代码。Partially trusted code is no longer supported. 此属性在 .NET Core 中不起作用。This attribute has no effect in .NET Core.

PrincipalPermissionAttribute 可用于以声明方式要求运行你的代码的用户属于指定的角色或已经过身份验证。PrincipalPermissionAttribute can be used to declaratively demand that users running your code belong to a specified role or have been authenticated. 使用 Unrestricted 将创建一个,并 PrincipalPermission Authenticated 将设置为 trueNameRole 将设置为 nullUse of Unrestricted creates a PrincipalPermission with Authenticated set to true and Name and Role set to null.

允许的声明的范围取决于所 SecurityAction 使用的。The scope of the declaration that is allowed depends on the SecurityAction that is used. PrincipalPermissionAttribute 不能应用于程序集级别。PrincipalPermissionAttribute cannot be applied at the assembly level.

安全特性声明的安全信息存储在属性目标的元数据中,由系统在运行时进行访问。The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. 安全特性仅用于声明性安全。Security attributes are used only for declarative security. 对于命令性安全,请使用相应的权限类。For imperative security, use the corresponding permission class.

重要

使用此类来要求主体权限之前,必须将当前应用程序域的主体策略设置为枚举值 WindowsPrincipalBefore you use this class to demand principal permission, you must set the current application domain's principal policy to the enumeration value WindowsPrincipal. 默认情况下,主体策略设置为 UnauthenticatedPrincipalBy default, the principal policy is set to UnauthenticatedPrincipal. 如果不将主体策略设置为,则对 WindowsPrincipal 主体权限的要求会失败。If you do not set the principal policy to WindowsPrincipal, a demand for principal permission will fail. 在要求主体权限之前,应执行以下代码: AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal).The following code should be executed before the principal permission is demanded: AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal).

构造函数

PrincipalPermissionAttribute(SecurityAction)
已过时。

使用指定的 PrincipalPermissionAttribute 初始化 SecurityAction 类的新实例。Initializes a new instance of the PrincipalPermissionAttribute class with the specified SecurityAction.

属性

Action

获取或设置安全性操作。Gets or sets a security action.

(继承自 SecurityAttribute)
Authenticated

获取或设置一个值,该值指示是否通过基于角色的基础安全提供程序已对当前主体执行身份验证。Gets or sets a value indicating whether the current principal has been authenticated by the underlying role-based security provider.

Name

获取或设置与当前主体相关联的标识名称。Gets or sets the name of the identity associated with the current principal.

Role

获取或设置指定安全角色的成员条件。Gets or sets membership in a specified security role.

TypeId

在派生类中实现时,获取此 Attribute 的唯一标识符。When implemented in a derived class, gets a unique identifier for this Attribute.

(继承自 Attribute)
Unrestricted

获取或设置一个值,该值指示是否声明了对受该特性保护的资源有完全(无限制的)权限。Gets or sets a value indicating whether full (unrestricted) permission to the resource protected by the attribute is declared.

(继承自 SecurityAttribute)

方法

CreatePermission()

创建并返回一个新的 PrincipalPermissionCreates and returns a new PrincipalPermission.

Equals(Object)

返回一个值,该值指示此实例是否与指定的对象相等。Returns a value that indicates whether this instance is equal to a specified object.

(继承自 Attribute)
GetHashCode()

返回此实例的哈希代码。Returns the hash code for this instance.

(继承自 Attribute)
GetType()

获取当前实例的 TypeGets the Type of the current instance.

(继承自 Object)
IsDefaultAttribute()

在派生类中重写时,指示此实例的值是否是派生类的默认值。When overridden in a derived class, indicates whether the value of this instance is the default value for the derived class.

(继承自 Attribute)
Match(Object)

当在派生类中重写时,返回一个指示此实例是否等于指定对象的值。When overridden in a derived class, returns a value that indicates whether this instance equals a specified object.

(继承自 Attribute)
MemberwiseClone()

创建当前 Object 的浅表副本。Creates a shallow copy of the current Object.

(继承自 Object)
ToString()

返回表示当前对象的字符串。Returns a string that represents the current object.

(继承自 Object)

显式接口实现

_Attribute.GetIDsOfNames(Guid, IntPtr, UInt32, UInt32, IntPtr)

将一组名称映射为对应的一组调度标识符。Maps a set of names to a corresponding set of dispatch identifiers.

(继承自 Attribute)
_Attribute.GetTypeInfo(UInt32, UInt32, IntPtr)

检索对象的类型信息,然后可以使用该信息获取接口的类型信息。Retrieves the type information for an object, which can be used to get the type information for an interface.

(继承自 Attribute)
_Attribute.GetTypeInfoCount(UInt32)

检索对象提供的类型信息接口的数量(0 或 1)。Retrieves the number of type information interfaces that an object provides (either 0 or 1).

(继承自 Attribute)
_Attribute.Invoke(UInt32, Guid, UInt32, Int16, IntPtr, IntPtr, IntPtr, IntPtr)

提供对某一对象公开的属性和方法的访问。Provides access to properties and methods exposed by an object.

(继承自 Attribute)

适用于

另请参阅