Export (0) Print
Expand All

HostProtectionAttribute Class

Note: This class is new in the .NET Framework version 2.0.

Allows the use of declarative security actions to determine host protection requirements. This class cannot be inherited.

Namespace: System.Security.Permissions
Assembly: mscorlib (in mscorlib.dll)

[SerializableAttribute] 
[AttributeUsageAttribute(AttributeTargets::Assembly|AttributeTargets::Class|AttributeTargets::Struct|AttributeTargets::Constructor|AttributeTargets::Method|AttributeTargets::Delegate, AllowMultiple=true, Inherited=false)] 
[ComVisibleAttribute(true)] 
public ref class HostProtectionAttribute sealed : public CodeAccessSecurityAttribute
/** @attribute SerializableAttribute() */ 
/** @attribute AttributeUsageAttribute(AttributeTargets.Assembly|AttributeTargets.Class|AttributeTargets.Struct|AttributeTargets.Constructor|AttributeTargets.Method|AttributeTargets.Delegate, AllowMultiple=true, Inherited=false) */ 
/** @attribute ComVisibleAttribute(true) */ 
public final class HostProtectionAttribute extends CodeAccessSecurityAttribute
SerializableAttribute 
AttributeUsageAttribute(AttributeTargets.Assembly|AttributeTargets.Class|AttributeTargets.Struct|AttributeTargets.Constructor|AttributeTargets.Method|AttributeTargets.Delegate, AllowMultiple=true, Inherited=false) 
ComVisibleAttribute(true) 
public final class HostProtectionAttribute extends CodeAccessSecurityAttribute

This attribute affects only unmanaged applications that host the common language runtime and implement host protection, such as SQL Server. If the code is run in a client application or on a server that is not host-protected, the attribute "evaporates"; it is not detected and therefore not applied. When applied, the security action results in the creation of a link demand based on the host resources the class or method exposes.

NoteImportant:

The purpose of this attribute is to enforce host-specific programming model guidelines, not security behavior. Although a link demand is used to check for conformance to programming model requirements, the HostProtectionAttribute is not a security permission.

If the host does not have programming model requirements, the link demands do not occur.

This attribute identifies the following:

  • Methods or classes that do not fit the host programming model, but are otherwise benign.

  • Methods or classes that do not fit the host programming model and could lead to destabilizing server-managed user code.

  • Methods or classes that do not fit the host programming model and could lead to a destabilization of the server process itself.

NoteNote

If you are creating a class library that is to be called by applications that may execute in a host protected environment, you should apply this attribute to members that expose HostProtectionResource resource categories. The .NET Framework class library members with this attribute cause only the immediate caller to be checked. Your library member must also cause a check of its immediate caller in the same manner.

The following code example illustrates the use of the HostProtectionAttribute attribute with a variety of HostProtectionResource values.

#using <System.dll>
#using <System.Windows.Forms.dll>
#using <System.Drawing.dll>

using namespace System;
using namespace System::IO;
using namespace System::Threading;
using namespace System::Security;
using namespace System::Security::Policy;
using namespace System::Security::Principal;
using namespace System::Security::Permissions;
using namespace System::Diagnostics;
using namespace System::ComponentModel;
using namespace System::Windows::Forms;
using namespace System::Security::Permissions;

// The following class is an example of code that exposes external process management.
// Add the LicenseProviderAttribute to the control.

[assembly:SecurityPermissionAttribute(SecurityAction::RequestMinimum,ControlAppDomain=true)];
[assembly:SecurityPermissionAttribute(SecurityAction::RequestMinimum,Execution=true)];
[LicenseProvider(LicFileLicenseProvider::typeid)]
public ref class MyControl: public System::Windows::Forms::Control
{
private:

   // Create a new, null license.
   License^ license;

public:
   [HostProtection(ExternalProcessMgmt=true)]
   MyControl()
   {
      license = nullptr;
      
      // Determine if a valid license can be granted.
      bool isValid = LicenseManager::IsValid( MyControl::typeid );
      Console::WriteLine( "The result of the IsValid method call is {0}", isValid );
   }

};


// If this application is run on a server that implements host protection, the HostProtection attribute  
// is applied. If the application is run on a server that is not host-protected, the attribute 
// evaporates; it is not detected and therefore not applied. HostProtection can be configured with 
// members of the HostProtectionResource enumeration to customize the protection offered. 
// The primary intent of this sample is to show situations in which the HostProtection attribute
// might be meaningfully used.  The environment required to demonstrate a particular HostProtection is
// too complex to invoke within the scope of this sample.
public ref class HostProtectionExample
{
public:
   static int Success = 100;

private:

   // Use the enumeration flags to indicate that this method exposes shared state and 
   // self-affecting process management.
   // Either of the following attribute statements can be used to set the 
   // resource flags.
   // Exit the sample when an exception is thrown.

   [HostProtection(SharedState=true,SelfAffectingProcessMgmt=true)]
   [HostProtection(Resources=HostProtectionResource::SharedState|
   HostProtectionResource::SelfAffectingProcessMgmt)]
   static void Exit( String^ Message, int Code )
   {
      Console::WriteLine( "\nFAILED: {0} {1}", Message, Code );
      Environment::ExitCode = Code;
      Environment::Exit( Code );
   }


   // Use the enumeration flags to indicate that this method exposes shared state, 
   // self-affecting process management, and self-affecting threading.
   // This method allows the user to quit the sample.

   [HostProtection(SharedState=true,SelfAffectingProcessMgmt=true,
   SelfAffectingThreading=true,UI=true)]
   static void ExecuteBreak()
   {
      Console::WriteLine( "Executing Debugger.Break." );
      Debugger::Break();
      Debugger::Log( 1, "info", "test message" );
   }


   // Use the enumeration flags to indicate that this method exposes shared state, 
   // self-affecting threading and the security infrastructure.
   // ApplyIdentity sets the current identity.

   [HostProtection(SharedState=true,SelfAffectingThreading=true,
   SecurityInfrastructure=true)]
   static int ApplyIdentity()
   {
      array<String^>^roles = {"User"};
      try
      {
         AppDomain^ mAD = AppDomain::CurrentDomain;
         GenericPrincipal^ mGenPr = gcnew GenericPrincipal( WindowsIdentity::GetCurrent(),roles );
         mAD->SetPrincipalPolicy( PrincipalPolicy::WindowsPrincipal );
         mAD->SetThreadPrincipal( mGenPr );
         return Success;
      }
      catch ( Exception^ e ) 
      {
         Exit( e->ToString(), 5 );
      }

      return 0;
   }


public:

   // The following method is started on a separate thread.
   [PermissionSet(SecurityAction::Demand, Name="FullTrust")]
   static void WatchFileEvents()
   {
      try
      {
         Console::WriteLine( "In the child thread." );
         FileSystemWatcher^ watcher = gcnew FileSystemWatcher;
         watcher->Path = "C:\\Temp";
         
         // Watch for changes in LastAccess and LastWrite times, and 
         // name changes to files or directories. 
         watcher->NotifyFilter = static_cast<NotifyFilters>(NotifyFilters::LastAccess | NotifyFilters::LastWrite | NotifyFilters::FileName | NotifyFilters::DirectoryName);
         
         // Watch only text files.
         watcher->Filter = "*.txt";
         
         // Add event handlers.
         watcher->Changed += gcnew FileSystemEventHandler( OnChanged );
         watcher->Created += gcnew FileSystemEventHandler( OnChanged );
         watcher->Deleted += gcnew FileSystemEventHandler( OnChanged );
         
         // Begin watching.
         watcher->EnableRaisingEvents = true;
         
         // Wait for the user to quit the program.
         Console::WriteLine( "Event handlers have been enabled." );
         while ( Console::Read() != 'q' )
                  ;
      }
      catch ( Exception^ e ) 
      {
         Console::WriteLine( e->Message );
      }

   }


private:

   // Use the enumeration flags to indicate that this method exposes synchronization 
   //  and external threading.

   [HostProtection(Synchronization=true,ExternalThreading=true)]
   static void StartThread()
   {
      Thread^ t = gcnew Thread( gcnew ThreadStart( WatchFileEvents ) );
      
      // Start the new thread.  On a uniprocessor, the thread is not given 
      // any processor time until the main thread yields the processor.  
      t->Start();
      
      // Give the new thread a chance to execute.
      Thread::Sleep( 1000 );
   }


public:

   // Call methods that show the use of the HostProtectionResource enumeration.
   [HostProtection(Resources=HostProtectionResource::All)]
   static int Main()
   {
      try
      {
         
         // Show use of the HostProtectionResource.SharedState,
         //   HostProtectionResource.SelfAffectingThreading, and
         //   HostProtectionResource.Security enumeration values.
         ApplyIdentity();
         Directory::CreateDirectory( "C:\\Temp" );
         
         // Show use of the HostProtectionResource.Synchronization and
         //   HostProtectionResource.ExternalThreading enumeration values.
         StartThread();
         Console::WriteLine( "In the main thread." );
         Console::WriteLine( "Deleting and creating 'MyTestFile.txt'." );
         if ( File::Exists( "C:\\Temp\\MyTestFile.txt" ) )
         {
            File::Delete( "C:\\Temp\\MyTestFile.txt" );
         }
         StreamWriter^ sr = File::CreateText( "C:\\Temp\\MyTestFile.txt" );
         sr->WriteLine( "This is my file." );
         sr->Close();
         Thread::Sleep( 1000 );
         
         // Show use of the HostProtectionResource.SharedState,
         //   HostProtectionResource.SelfProcessMgmt,
         //   HostProtectionResource.SelfAffectingThreading, and
         //   HostProtectionResource.UI enumeration values.
         ExecuteBreak();
         
         // Show the use of the HostProtectionResource.ExternalProcessManagement enumeration value.
         MyControl^ myControl = gcnew MyControl;
         Console::WriteLine( "Enter 'q' to quit the sample." );
         return 100;
      }
      catch ( Exception^ e ) 
      {
         Exit( e->ToString(), 0 );
         return 0;
      }
   }

   // Define the event handlers.
   private:
   static void OnChanged( Object^ /*source*/, FileSystemEventArgs^ e )
   {
      
      // Specify whether a file is changed, created, or deleted.
      Console::WriteLine( "In the OnChanged event handler." );
      Console::WriteLine( "File: {0} {1}", e->FullPath, e->ChangeType );
   }

};

int main()
{
   return HostProtectionExample::Main();
}


Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Windows 98, Windows 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see System Requirements.

.NET Framework

Supported in: 2.0

Community Additions

ADD
Show:
© 2014 Microsoft