SocketPermission SocketPermission SocketPermission SocketPermission Class

定義

控制在傳輸位址上進行或接受連接的權限。Controls rights to make or accept connections on a transport address.

public ref class SocketPermission sealed : System::Security::CodeAccessPermission, System::Security::Permissions::IUnrestrictedPermission
[System.Serializable]
public sealed class SocketPermission : System.Security.CodeAccessPermission, System.Security.Permissions.IUnrestrictedPermission
type SocketPermission = class
    inherit CodeAccessPermission
    interface IUnrestrictedPermission
Public NotInheritable Class SocketPermission
Inherits CodeAccessPermission
Implements IUnrestrictedPermission
繼承
屬性
實作

範例

下列範例示範如何使用SocketPermission類別來設定、變更及強制執行各種通訊端存取限制。The following example demonstrates how to use the SocketPermission class to set, change, and enforce various socket access restrictions.

// Creates a SocketPermission restricting access to and from all URIs.
SocketPermission^ mySocketPermission1 = gcnew SocketPermission( PermissionState::None );

// The socket to which this permission will apply will allow connections from www.contoso.com.
mySocketPermission1->AddPermission( NetworkAccess::Accept, TransportType::Tcp,  "www.contoso.com", 11000 );

// Creates a SocketPermission which will allow the target Socket to connect with www.southridgevideo.com.
SocketPermission^ mySocketPermission2 = gcnew SocketPermission( NetworkAccess::Connect,TransportType::Tcp, "www.southridgevideo.com",11002 );

// Creates a SocketPermission from the union of two SocketPermissions.
SocketPermission^ mySocketPermissionUnion =
   (SocketPermission^)( mySocketPermission1->Union( mySocketPermission2 ) );

// Checks to see if the union was successfully created by using the IsSubsetOf method.
if ( mySocketPermission1->IsSubsetOf( mySocketPermissionUnion ) &&
   mySocketPermission2->IsSubsetOf( mySocketPermissionUnion ) )
{
   Console::WriteLine(  "This union contains permissions from both mySocketPermission1 and mySocketPermission2" );
   
   // Prints the allowable accept URIs to the console.
   Console::WriteLine(  "This union accepts connections on :" );

   IEnumerator^ myEnumerator = mySocketPermissionUnion->AcceptList;
   while ( myEnumerator->MoveNext() )
   {
      Console::WriteLine( safe_cast<EndpointPermission^>( myEnumerator->Current )->ToString() );
   }
   
   // Prints the allowable connect URIs to the console.
   Console::WriteLine(  "This union permits connections to :" );

   myEnumerator = mySocketPermissionUnion->ConnectList;
   while ( myEnumerator->MoveNext() )
   {
      Console::WriteLine( safe_cast<EndpointPermission^>( myEnumerator->Current )->ToString() );
   }
}

// Creates a SocketPermission from the intersect of two SocketPermissions.
SocketPermission^ mySocketPermissionIntersect =
   (SocketPermission^)( mySocketPermission1->Intersect( mySocketPermissionUnion ) );

// mySocketPermissionIntersect should now contain the permissions of mySocketPermission1.
if ( mySocketPermission1->IsSubsetOf( mySocketPermissionIntersect ) )
{
   Console::WriteLine(  "This is expected" );
}

// mySocketPermissionIntersect should not contain the permissios of mySocketPermission2.
if ( mySocketPermission2->IsSubsetOf( mySocketPermissionIntersect ) )
{
   Console::WriteLine(  "This should not print" );
}

// Creates a copy of the intersect SocketPermission.
SocketPermission^ mySocketPermissionIntersectCopy =
   (SocketPermission^)( mySocketPermissionIntersect->Copy() );
if ( mySocketPermissionIntersectCopy->Equals( mySocketPermissionIntersect ) )
{
   Console::WriteLine(  "Copy successfull" );
}

// Converts a SocketPermission to XML format and then immediately converts it back to a SocketPermission.
mySocketPermission1->FromXml( mySocketPermission1->ToXml() );

// Checks to see if permission for this socket resource is unrestricted.  If it is, then there is no need to
// demand that permissions be enforced.
if ( mySocketPermissionUnion->IsUnrestricted() )
{
   //Do nothing.  There are no restrictions.
}
else
{
   // Enforces the permissions found in mySocketPermissionUnion on any Socket Resources used below this statement. 
   mySocketPermissionUnion->Demand();
}

IPHostEntry^ myIpHostEntry = Dns::Resolve(  "www.contoso.com" );
IPEndPoint^ myLocalEndPoint = gcnew IPEndPoint( myIpHostEntry->AddressList[ 0 ], 11000 );

Socket^ s = gcnew Socket( myLocalEndPoint->Address->AddressFamily,
   SocketType::Stream,
   ProtocolType::Tcp );
try
{
   s->Connect( myLocalEndPoint );
}
catch ( Exception^ e ) 
{
   Console::Write(  "Exception Thrown: " );
   Console::WriteLine( e->ToString() );
}

// Perform all socket operations in here.
s->Close();

     // Creates a SocketPermission restricting access to and from all URIs.
     SocketPermission mySocketPermission1 = new SocketPermission(PermissionState.None);

     // The socket to which this permission will apply will allow connections from www.contoso.com.
     mySocketPermission1.AddPermission(NetworkAccess.Accept, TransportType.Tcp, "www.contoso.com", 11000);

     // Creates a SocketPermission which will allow the target Socket to connect with www.southridgevideo.com.
     SocketPermission mySocketPermission2 =
                                new SocketPermission(NetworkAccess.Connect, TransportType.Tcp, "www.southridgevideo.com", 11002);

     // Creates a SocketPermission from the union of two SocketPermissions.
     SocketPermission mySocketPermissionUnion = 
                                (SocketPermission)mySocketPermission1.Union(mySocketPermission2);

     // Checks to see if the union was successfully created by using the IsSubsetOf method.
     if (mySocketPermission1.IsSubsetOf(mySocketPermissionUnion) && 
     	   mySocketPermission2.IsSubsetOf(mySocketPermissionUnion)){
          Console.WriteLine("This union contains permissions from both mySocketPermission1 and mySocketPermission2"); 

          // Prints the allowable accept URIs to the console.
          Console.WriteLine("This union accepts connections on :");

          IEnumerator myEnumerator = mySocketPermissionUnion.AcceptList;
	   while (myEnumerator.MoveNext()) {
               Console.WriteLine(((EndpointPermission)myEnumerator.Current).ToString());
	        }      

             // Prints the allowable connect URIs to the console.
          Console.WriteLine("This union permits connections to :");

          myEnumerator = mySocketPermissionUnion.ConnectList;
	   while (myEnumerator.MoveNext()) {
               Console.WriteLine(((EndpointPermission)myEnumerator.Current).ToString());
	        }      

           }


     // Creates a SocketPermission from the intersect of two SocketPermissions.
     SocketPermission mySocketPermissionIntersect = 
                               (SocketPermission)mySocketPermission1.Intersect(mySocketPermissionUnion);

     // mySocketPermissionIntersect should now contain the permissions of mySocketPermission1.
     if (mySocketPermission1.IsSubsetOf(mySocketPermissionIntersect)){
          Console.WriteLine("This is expected");
     }
    // mySocketPermissionIntersect should not contain the permissios of mySocketPermission2.
     if (mySocketPermission2.IsSubsetOf(mySocketPermissionIntersect)){
          Console.WriteLine("This should not print");
     }



// Creates a copy of the intersect SocketPermission.
     SocketPermission mySocketPermissionIntersectCopy = 
                               (SocketPermission)mySocketPermissionIntersect.Copy();

     if (mySocketPermissionIntersectCopy.Equals(mySocketPermissionIntersect)){
     Console.WriteLine("Copy successfull");
     }


     // Converts a SocketPermission to XML format and then immediately converts it back to a SocketPermission.
     mySocketPermission1.FromXml(mySocketPermission1.ToXml());
     

     // Checks to see if permission for this socket resource is unrestricted.  If it is, then there is no need to
     // demand that permissions be enforced.
     if (mySocketPermissionUnion.IsUnrestricted()){
     	
          //Do nothing.  There are no restrictions.

     }
     else{
         // Enforces the permissions found in mySocketPermissionUnion on any Socket Resources used below this statement. 
         mySocketPermissionUnion.Demand();
     }

	IPHostEntry myIpHostEntry = Dns.Resolve("www.contoso.com");
	IPEndPoint myLocalEndPoint = new IPEndPoint(myIpHostEntry.AddressList[0], 11000);

       Socket s = new Socket(myLocalEndPoint.Address.AddressFamily,
       	                           SocketType.Stream,
                                         ProtocolType.Tcp);
       try{
            s.Connect(myLocalEndPoint);
       }
       catch (Exception e){
            Console.WriteLine("Exception Thrown: " + e.ToString());
       } 

      // Perform all socket operations in here.
      
      s.Close();
   ' Creates a SocketPermission restricting access to and from all URIs.
   Dim mySocketPermission1 As New SocketPermission(PermissionState.None)
   
   ' The socket to which this permission will apply will allow connections from www.contoso.com.
   mySocketPermission1.AddPermission(NetworkAccess.Accept, TransportType.Tcp, "www.contoso.com", 11000)
   
   ' Creates a SocketPermission which will allow the target Socket to connect with www.southridgevideo.com.
   Dim mySocketPermission2 As New SocketPermission(NetworkAccess.Connect, TransportType.Tcp, "www.southridgevideo.com", 11002)
   
   ' Creates a SocketPermission from the union of two SocketPermissions.
   Dim mySocketPermissionUnion As SocketPermission = CType(mySocketPermission1.Union(mySocketPermission2), SocketPermission)
   
   ' Checks to see if the union was successfully created by using the IsSubsetOf method.
   If mySocketPermission1.IsSubsetOf(mySocketPermissionUnion) And mySocketPermission2.IsSubsetOf(mySocketPermissionUnion) Then
      Console.WriteLine("This union contains permissions from both mySocketPermission1 and mySocketPermission2")
      
      ' Prints the allowable accept URIs to the console.
      Console.WriteLine("This union accepts connections on :")
      
      Dim myEnumerator As IEnumerator = mySocketPermissionUnion.AcceptList
      While myEnumerator.MoveNext()
         Console.WriteLine(CType(myEnumerator.Current, EndpointPermission).ToString())
      End While
      
      Console.WriteLine("This union establishes connections on : ")
      
      ' Prints the allowable connect URIs to the console.
      Console.WriteLine("This union permits connections to :")
      
      myEnumerator = mySocketPermissionUnion.ConnectList
      While myEnumerator.MoveNext()
         Console.WriteLine(CType(myEnumerator.Current, EndpointPermission).ToString())
      End While
   End If 
   ' Creates a SocketPermission from the intersect of two SocketPermissions.
   Dim mySocketPermissionIntersect As SocketPermission = CType(mySocketPermission1.Intersect(mySocketPermissionUnion), SocketPermission)
   
   ' mySocketPermissionIntersect should now contain the permissions of mySocketPermission1.
   If mySocketPermission1.IsSubsetOf(mySocketPermissionIntersect) Then
      Console.WriteLine("This is expected")
   End If
   ' mySocketPermissionIntersect should not contain the permissios of mySocketPermission2.
   If mySocketPermission2.IsSubsetOf(mySocketPermissionIntersect) Then
      Console.WriteLine("This should not print")
   End If
   
   ' Creates a copy of the intersect SocketPermission.
   Dim mySocketPermissionIntersectCopy As SocketPermission = CType(mySocketPermissionIntersect.Copy(), SocketPermission)
   
   If mySocketPermissionIntersectCopy.Equals(mySocketPermissionIntersect) Then
      Console.WriteLine("Copy successfull")
   End If
   ' Converts a SocketPermission to XML format and then immediately converts it back to a SocketPermission.
   mySocketPermission1.FromXml(mySocketPermission1.ToXml())
   
   
   ' Checks to see if permission for this socket resource is unrestricted.  If it is, then there is no need to
   ' demand that permissions be enforced.
   If mySocketPermissionUnion.IsUnrestricted() Then
   
   'Do nothing.  There are no restrictions.
   Else
      ' Enforces the permissions found in mySocketPermissionUnion on any Socket Resources used below this statement. 
      mySocketPermissionUnion.Demand()
   End If
   
   Dim myIpHostEntry As IPHostEntry = Dns.Resolve("www.contoso.com")
   Dim myLocalEndPoint As New IPEndPoint(myIpHostEntry.AddressList(0), 11000)
   
   Dim s As New Socket(myLocalEndPoint.Address.AddressFamily, SocketType.Stream, ProtocolType.Tcp)
   Try
      s.Connect(myLocalEndPoint)
   Catch e As Exception
      Console.WriteLine(("Exception Thrown: " + e.ToString()))
   End Try
   
   ' Perform all socket operations in here.
   s.Close()
End Sub 'MySocketPermission

備註

SocketPermission實例控制接受連接或起始Socket連接的許可權。SocketPermission instances control permission to accept connections or initiate Socket connections. 可以建立主機名稱或 IP 位址、埠號碼和傳輸通訊協定的許可權。SocketA Socket permission can be established for a host name or IP address, a port number, and a transport protocol.

注意

避免使用主機名稱建立通訊端許可權, 因為必須將這些名稱解析成 IP 位址, 這可能會封鎖堆疊。Avoid creating socket permissions using host names, as these names have to be resolved to IP addresses, and this might block the stack.

建構函式

SocketPermission(NetworkAccess, TransportType, String, Int32) SocketPermission(NetworkAccess, TransportType, String, Int32) SocketPermission(NetworkAccess, TransportType, String, Int32) SocketPermission(NetworkAccess, TransportType, String, Int32)

使用指定的使用權限,為指定的傳輸位址初始化 SocketPermission 類別的新執行個體。Initializes a new instance of the SocketPermission class for the given transport address with the specified permission.

SocketPermission(PermissionState) SocketPermission(PermissionState) SocketPermission(PermissionState) SocketPermission(PermissionState)

初始化 SocketPermission 類別的新執行個體,允許不受限制存取 Socket 或不允許存取 SocketInitializes a new instance of the SocketPermission class that allows unrestricted access to the Socket or disallows access to the Socket.

欄位

AllPorts AllPorts AllPorts AllPorts

定義表示所有通訊埠的常數。Defines a constant that represents all ports.

屬性

AcceptList AcceptList AcceptList AcceptList

取得 EndpointPermission 執行個體的清單,這些執行個體辨認可在這個使用權限執行個體下接受的端點。Gets a list of EndpointPermission instances that identifies the endpoints that can be accepted under this permission instance.

ConnectList ConnectList ConnectList ConnectList

取得 EndpointPermission 執行個體的清單,這些執行個體辨認可在這個使用權限執行個體下連接至的端點。Gets a list of EndpointPermission instances that identifies the endpoints that can be connected to under this permission instance.

方法

AddPermission(NetworkAccess, TransportType, String, Int32) AddPermission(NetworkAccess, TransportType, String, Int32) AddPermission(NetworkAccess, TransportType, String, Int32) AddPermission(NetworkAccess, TransportType, String, Int32)

將使用權限加入至傳輸位址的使用權限集。Adds a permission to the set of permissions for a transport address.

Assert() Assert() Assert() Assert()

宣告即使堆疊中較高層的呼叫端未獲得資源存取權限,呼叫程式碼仍可透過呼叫這個方法的程式碼要求權限,來存取受保護的資源。Declares that the calling code can access the resource protected by a permission demand through the code that calls this method, even if callers higher in the stack have not been granted permission to access the resource. 使用 Assert() 可能會造成安全性問題。Using Assert() can create security issues.

(Inherited from CodeAccessPermission)
Copy() Copy() Copy() Copy()

建立 SocketPermission 執行個體的複本。Creates a copy of a SocketPermission instance.

Demand() Demand() Demand() Demand()

如果呼叫堆疊中所有較高層的呼叫端尚未授與目前執行個體 (Instance) 所指定的使用權限,請於執行階段強制執行 SecurityExceptionForces a SecurityException at run time if all callers higher in the call stack have not been granted the permission specified by the current instance.

(Inherited from CodeAccessPermission)
Deny() Deny() Deny() Deny()

防止呼叫堆疊中較高層的呼叫端,使用呼叫這個方法的程式碼來存取目前執行個體所指定的資源。Prevents callers higher in the call stack from using the code that calls this method to access the resource specified by the current instance.

(Inherited from CodeAccessPermission)
Equals(Object) Equals(Object) Equals(Object) Equals(Object)

判斷指定的 CodeAccessPermission 物件是否等於目前的 CodeAccessPermissionDetermines whether the specified CodeAccessPermission object is equal to the current CodeAccessPermission.

(Inherited from CodeAccessPermission)
FromXml(SecurityElement) FromXml(SecurityElement) FromXml(SecurityElement) FromXml(SecurityElement)

為 XML 編碼方式重建 SocketPermission 執行個體。Reconstructs a SocketPermission instance for an XML encoding.

GetHashCode() GetHashCode() GetHashCode() GetHashCode()

取得 CodeAccessPermission 物件的雜湊碼,其適合用於雜湊表這類的雜湊演算法和資料結構。Gets a hash code for the CodeAccessPermission object that is suitable for use in hashing algorithms and data structures such as a hash table.

(Inherited from CodeAccessPermission)
GetType() GetType() GetType() GetType()

取得目前執行個體的 TypeGets the Type of the current instance.

(Inherited from Object)
Intersect(IPermission) Intersect(IPermission) Intersect(IPermission) Intersect(IPermission)

傳回兩個 SocketPermission 執行個體間的邏輯交集。Returns the logical intersection between two SocketPermission instances.

IsSubsetOf(IPermission) IsSubsetOf(IPermission) IsSubsetOf(IPermission) IsSubsetOf(IPermission)

判斷目前使用權限是否為指定之使用權限的子集。Determines if the current permission is a subset of the specified permission.

IsUnrestricted() IsUnrestricted() IsUnrestricted() IsUnrestricted()

檢查物件的整體使用權限狀態。Checks the overall permission state of the object.

MemberwiseClone() MemberwiseClone() MemberwiseClone() MemberwiseClone()

建立目前 Object 的淺層複本 (Shallow Copy)。Creates a shallow copy of the current Object.

(Inherited from Object)
PermitOnly() PermitOnly() PermitOnly() PermitOnly()

防止呼叫堆疊中較高層的呼叫端,使用呼叫這個方法的程式碼來存取除了目前執行個體所指定資源之外的所有資源。Prevents callers higher in the call stack from using the code that calls this method to access all resources except for the resource specified by the current instance.

(Inherited from CodeAccessPermission)
ToString() ToString() ToString() ToString()

建立並傳回目前使用權限物件的字串表示。Creates and returns a string representation of the current permission object.

(Inherited from CodeAccessPermission)
ToXml() ToXml() ToXml() ToXml()

建立 SocketPermission 執行個體和其目前狀態的 XML 編碼方式。Creates an XML encoding of a SocketPermission instance and its current state.

Union(IPermission) Union(IPermission) Union(IPermission) Union(IPermission)

傳回兩個 SocketPermission 執行個體間的邏輯聯集。Returns the logical union between two SocketPermission instances.

明確介面實作

IPermission.Demand() IPermission.Demand() IPermission.Demand() IPermission.Demand() Inherited from CodeAccessPermission
IStackWalk.Assert() IStackWalk.Assert() IStackWalk.Assert() IStackWalk.Assert() Inherited from CodeAccessPermission
IStackWalk.Demand() IStackWalk.Demand() IStackWalk.Demand() IStackWalk.Demand() Inherited from CodeAccessPermission
IStackWalk.Deny() IStackWalk.Deny() IStackWalk.Deny() IStackWalk.Deny() Inherited from CodeAccessPermission
IStackWalk.PermitOnly() IStackWalk.PermitOnly() IStackWalk.PermitOnly() IStackWalk.PermitOnly() Inherited from CodeAccessPermission

適用於