HostSecurityManager 類別
定義
重要
部分資訊涉及發行前產品,在發行之前可能會有大幅修改。 Microsoft 對此處提供的資訊,不做任何明確或隱含的瑕疵擔保。
允許控制及自訂應用程式定義域的安全性行為。
public ref class HostSecurityManagerpublic class HostSecurityManager[System.Runtime.InteropServices.ComVisible(true)]
[System.Serializable]
public class HostSecurityManager[System.Runtime.InteropServices.ComVisible(true)]
[System.Serializable]
[System.Security.SecurityCritical]
public class HostSecurityManagertype HostSecurityManager = class[<System.Runtime.InteropServices.ComVisible(true)>]
[<System.Serializable>]
type HostSecurityManager = class[<System.Runtime.InteropServices.ComVisible(true)>]
[<System.Serializable>]
[<System.Security.SecurityCritical>]
type HostSecurityManager = classPublic Class HostSecurityManager- 繼承
-
HostSecurityManager
- 屬性
範例
下列範例示範 的非常簡單實作 HostSecurityManager 。
// To replace the default security manager with MySecurityManager, add the
// assembly to the GAC and call MySecurityManager in the
// custom implementation of the AppDomainManager.
using System;
using System.Collections;
using System.Net;
using System.Reflection;
using System.Security;
using System.Security.Permissions;
using System.Security.Policy;
using System.Security.Principal;
using System.Threading;
using System.Runtime.InteropServices;
using System.Runtime.Hosting;
[assembly: System.Security.AllowPartiallyTrustedCallersAttribute()]
namespace MyNamespace
{
[Serializable()]
[SecurityPermissionAttribute(SecurityAction.Demand, Flags = SecurityPermissionFlag.Infrastructure)]
public class MySecurityManager : HostSecurityManager
{
public MySecurityManager()
{
Console.WriteLine(" Creating MySecurityManager.");
}
private HostSecurityManagerOptions hostFlags = HostSecurityManagerOptions.HostDetermineApplicationTrust |
HostSecurityManagerOptions.HostAssemblyEvidence;
public override HostSecurityManagerOptions Flags
{
get
{
return hostFlags;
}
}
public override Evidence ProvideAssemblyEvidence(Assembly loadedAssembly, Evidence evidence)
{
Console.WriteLine("Provide assembly evidence for: " + (loadedAssembly == null ? "Unknown" : loadedAssembly.ToString()) + ".");
if (evidence == null)
return null;
evidence.AddAssemblyEvidence(new CustomEvidenceType());
return evidence;
}
public override Evidence ProvideAppDomainEvidence(Evidence evidence)
{
Console.WriteLine("Provide evidence for the " + AppDomain.CurrentDomain.FriendlyName + " AppDomain.");
if (evidence == null)
return null;
evidence.AddHostEvidence(new CustomEvidenceType());
return evidence;
}
[SecurityPermissionAttribute(SecurityAction.Demand, Execution = true)]
[SecurityPermissionAttribute(SecurityAction.Assert, Unrestricted = true)]
public override ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context)
{
if (applicationEvidence == null)
throw new ArgumentNullException("applicationEvidence");
// Get the activation context from the application evidence.
// This HostSecurityManager does not examine the activator evidence
// nor is it concerned with the TrustManagerContext;
// it simply grants the requested grant in the application manifest.
IEnumerator enumerator = applicationEvidence.GetHostEnumerator();
ActivationArguments activationArgs = null;
while (enumerator.MoveNext())
{
activationArgs = enumerator.Current as ActivationArguments;
if (activationArgs != null)
break;
}
if (activationArgs == null)
return null;
ActivationContext activationContext = activationArgs.ActivationContext;
if (activationContext == null)
return null;
ApplicationTrust trust = new ApplicationTrust(activationContext.Identity);
ApplicationSecurityInfo asi = new ApplicationSecurityInfo(activationContext);
trust.DefaultGrantSet = new PolicyStatement(asi.DefaultRequestSet, PolicyStatementAttribute.Nothing);
trust.IsApplicationTrustedToRun = true;
return trust;
}
}
[Serializable()]
public class CustomEvidenceType : EvidenceBase
{
public CustomEvidenceType() { }
public override string ToString()
{
return "CustomEvidenceType";
}
}
}
' To replace the default security manager with MySecurityManager, add the
' assembly to the GAC and call MySecurityManager in the
' custom implementation of the AppDomainManager.
Imports System.Collections
Imports System.Net
Imports System.Reflection
Imports System.Security
Imports System.Security.Permissions
Imports System.Security.Policy
Imports System.Security.Principal
Imports System.Threading
Imports System.Runtime.InteropServices
Imports System.Runtime.Hosting
<Assembly: System.Security.AllowPartiallyTrustedCallersAttribute()>
<Serializable(), SecurityPermissionAttribute(SecurityAction.Demand, Flags:=SecurityPermissionFlag.Infrastructure)> _
Public Class MySecurityManager
Inherits HostSecurityManager
Public Sub New()
Console.WriteLine(" Creating MySecurityManager.")
End Sub
Private hostFlags As HostSecurityManagerOptions = HostSecurityManagerOptions.HostDetermineApplicationTrust Or HostSecurityManagerOptions.HostAssemblyEvidence
Public Overrides ReadOnly Property Flags() As HostSecurityManagerOptions
Get
Return hostFlags
End Get
End Property
Public Overrides Function ProvideAssemblyEvidence(ByVal loadedAssembly As [Assembly], ByVal evidence As Evidence) As Evidence
Console.WriteLine("Provide assembly evidence for: " + IIf(loadedAssembly Is Nothing, "Unknown", loadedAssembly.ToString()) + ".") 'TODO: For performance reasons this should be changed to nested IF statements
If evidence Is Nothing Then
Return Nothing
End If
evidence.AddAssemblyEvidence(New CustomEvidenceType())
Return evidence
End Function 'ProvideAssemblyEvidence
Public Overrides Function ProvideAppDomainEvidence(ByVal evidence As Evidence) As Evidence
Console.WriteLine("Provide evidence for the " + AppDomain.CurrentDomain.FriendlyName + " AppDomain.")
If evidence Is Nothing Then
Return Nothing
End If
evidence.AddHostEvidence(New CustomEvidenceType())
Return evidence
End Function 'ProvideAppDomainEvidence
<SecurityPermissionAttribute(SecurityAction.Demand, Execution:=True), SecurityPermissionAttribute(SecurityAction.Assert, Unrestricted:=True)> _
Public Overrides Function DetermineApplicationTrust(ByVal applicationEvidence As Evidence, ByVal activatorEvidence As Evidence, ByVal context As TrustManagerContext) As ApplicationTrust
If applicationEvidence Is Nothing Then
Throw New ArgumentNullException("applicationEvidence")
End If
' Get the activation context from the application evidence.
' This HostSecurityManager does not examine the activator evidence
' nor is it concerned with the TrustManagerContext;
' it simply grants the requested grant in the application manifest.
Dim enumerator As IEnumerator = applicationEvidence.GetHostEnumerator()
Dim activationArgs As ActivationArguments = Nothing
While enumerator.MoveNext()
activationArgs = enumerator.Current '
If Not (activationArgs Is Nothing) Then
Exit While
End If
End While
If activationArgs Is Nothing Then
Return Nothing
End If
Dim activationContext As ActivationContext = activationArgs.ActivationContext
If activationContext Is Nothing Then
Return Nothing
End If
Dim trust As New ApplicationTrust(activationContext.Identity)
Dim asi As New ApplicationSecurityInfo(activationContext)
trust.DefaultGrantSet = New PolicyStatement(asi.DefaultRequestSet, PolicyStatementAttribute.Nothing)
trust.IsApplicationTrustedToRun = True
Return trust
End Function 'DetermineApplicationTrust
End Class
<Serializable()> _
Public Class CustomEvidenceType
Inherits EvidenceBase
Public Sub New()
End Sub
Public Overrides Function ToString() As String
Return "CustomEvidenceType"
End Function 'ToString
End Class
備註
當您建立新的 AppDomain 時,Common Language Runtime 會查詢 AppDomainManagerHostSecurityManager 是否存在 ,其會參與進行 AppDomain 的安全性決策。 主機提供者應該實作繼承自 類別的 HostSecurityManager 主機安全性管理員。
給繼承者的注意事項
每當載入元件時,會隱含或明確呼叫 的一些成員 HostSecurityManager 。 ProvideAssemblyEvidence(Assembly, Evidence)和 ProvideAppDomainEvidence(Evidence) 方法不得載入任何元件,因為這樣做會導致以遞迴方式呼叫 的成員 HostSecurityManager 。 若要避免迴圈參考,您應該在衍生自 HostSecurityManager 的類別建構函式中,建立可能導致元件以隱含或明確方式載入的新類別實例。
建構函式
| HostSecurityManager() |
初始化 HostSecurityManager 類別的新執行個體。 |
屬性
| DomainPolicy |
已淘汰.
在衍生類別中覆寫時,取得目前應用程式定義域的安全性原則。 |
| Flags |
取得旗標,表示主機的重要安全性原則元件。 |
方法
| DetermineApplicationTrust(Evidence, Evidence, TrustManagerContext) |
決定是否應該執行應用程式。 |
| Equals(Object) |
判斷指定的物件是否等於目前的物件。 (繼承來源 Object) |
| GenerateAppDomainEvidence(Type) |
針對應用程式定義域要求特定辨識項型別。 |
| GenerateAssemblyEvidence(Type, Assembly) |
針對組件要求特定辨識項型別。 |
| GetHashCode() |
做為預設雜湊函式。 (繼承來源 Object) |
| GetHostSuppliedAppDomainEvidenceTypes() |
判斷主機可為應用程式定義域提供的辨識項型別 (如有要求的話)。 |
| GetHostSuppliedAssemblyEvidenceTypes(Assembly) |
判斷主機可為組件提供的辨識項型別 (如有要求的話)。 |
| GetType() |
取得目前執行個體的 Type。 (繼承來源 Object) |
| MemberwiseClone() |
建立目前 Object 的淺層複製。 (繼承來源 Object) |
| ProvideAppDomainEvidence(Evidence) |
提供要載入之組件的應用程式定義域辨識項。 |
| ProvideAssemblyEvidence(Assembly, Evidence) |
提供要載入之組件的組件辨識項。 |
| ResolvePolicy(Evidence) |
已淘汰.
根據指定的辨識項,判斷授與程式碼的權限。 |
| ToString() |
傳回代表目前物件的字串。 (繼承來源 Object) |
適用於
意見反應
即將登場:在 2024 年,我們將逐步淘汰 GitHub 問題作為內容的意見反應機制,並將它取代為新的意見反應系統。 如需詳細資訊,請參閱:https://aka.ms/ContentUserFeedback。
提交並檢視相關的意見反應