Professional Windows 7 Development Guide by John Paul Mueller

Author:John Paul Mueller
Language: eng
Format: epub, pdf
Publisher: Wiley
Published: 2011-01-04T16:00:00+00:00

// Create a membership condition check.

ZoneMembershipCondition ZoneMember;

ZoneMember = new ZoneMembershipCondition(SecurityZone.MyComputer);

// Check for application directory membership.

if (ZoneMember.Check(EV))

MessageBox.Show("Assembly is a member.");

else

MessageBox.Show("Assembly doesn't belong.");

}

The code begins by accessing the assembly to get the evidence needed for this check. The example gains access to the current assembly using the GetExecutingAssembly() method. However, you could also use calls such as LoadAssembly() to load an external assembly.

Once the code has access to the assembly, it uses the Evidence property to get all the evidence for the assembly. Most assemblies support four kinds of evidence as a minimum: Zone, URL, StrongName, and Hash.

This code checks for Zone class membership using the ZoneMembershipCondition object ZoneMember. As part of creating ZoneMember, you must define the SecurityZone enumeration member to check.

The Check() method returns a simple Boolean value indicating whether the assembly is part of the specified class, which is SecurityZone.MyComputer in this case. Because you’re executing this program from your desktop, the check likely passes in this case. However, if you were to check for some other zone, the check would fail. Note that checking membership doesn’t generate a permission object — all this check does is tell you when an assembly has a particular membership.

Developing for Security Roles

Role-Based Security asks the question of whether some entity (a user, the system, a program) is in a particular role. If it’s in that role, the entity can likely access a system resource or application feature safely. The concept of a role is different from something more absolute like a group. When you’re a member of a group, you have the same access whether you access the system from a local machine or the Internet. A role does include the idea of group membership, but this is membership based on the environment — the kind of access requested in a given situation from a specific location. An entity’s security role changes, rather than being absolute. The following sections describe how to check a user’s role based on the evidence presented by the application’s current domain.

Configuring the Security Role Example

This example begins with a Windows Forms application. You add a Test button (btnTest). In addition, you need to add the following using statements:

using System.Security.Principal;

using System.Threading;

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.