This topic has not yet been rated - Rate this topic

SiteIdentityPermission Class

.NET Framework 4

Other Versions

Updated: May 2010

Defines the identity permission for the Web site from which the code originates. This class cannot be inherited.

Inheritance Hierarchy

System.Object
System.Security.CodeAccessPermission
System.Security.Permissions.SiteIdentityPermission

Namespace: System.Security.Permissions
Assembly: mscorlib (in mscorlib.dll)

Syntax

C++

Copy

[SerializableAttribute]
[ComVisibleAttribute(true)]
public sealed class SiteIdentityPermission : CodeAccessPermission

The SiteIdentityPermission type exposes the following members.

Constructors

	Name	Description
	SiteIdentityPermission(PermissionState)	Initializes a new instance of the SiteIdentityPermission class with the specified PermissionState.
	SiteIdentityPermission(String)	Initializes a new instance of the SiteIdentityPermission class to represent the specified site identity.

Top

Properties

	Name	Description
	Site	Gets or sets the current site.

Top

Methods

	Name	Description
	Assert	Declares that the calling code can access the resource protected by a permission demand through the code that calls this method, even if callers higher in the stack have not been granted permission to access the resource. Using Assert can create security issues. (Inherited from CodeAccessPermission.)
	Copy	Creates and returns an identical copy of the current permission. (Overrides CodeAccessPermission.Copy().)
	Demand	Forces a SecurityException at run time if all callers higher in the call stack have not been granted the permission specified by the current instance. (Inherited from CodeAccessPermission.)
	Deny	Obsolete. Prevents callers higher in the call stack from using the code that calls this method to access the resource specified by the current instance. (Inherited from CodeAccessPermission.)
	Equals	Determines whether the specified CodeAccessPermission object is equal to the current CodeAccessPermission. (Inherited from CodeAccessPermission.)
	Finalize	Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
	FromXml	Reconstructs a permission with a specified state from an XML encoding. (Overrides CodeAccessPermission.FromXml(SecurityElement).)
	GetHashCode	Gets a hash code for the CodeAccessPermission object that is suitable for use in hashing algorithms and data structures such as a hash table. (Inherited from CodeAccessPermission.)
	GetType	Gets the Type of the current instance. (Inherited from Object.)
	Intersect	Creates and returns a permission that is the intersection of the current permission and the specified permission. (Overrides CodeAccessPermission.Intersect(IPermission).)
	IsSubsetOf	Determines whether the current permission is a subset of the specified permission. (Overrides CodeAccessPermission.IsSubsetOf(IPermission).)
	MemberwiseClone	Creates a shallow copy of the current Object. (Inherited from Object.)
	PermitOnly	Prevents callers higher in the call stack from using the code that calls this method to access all resources except for the resource specified by the current instance. (Inherited from CodeAccessPermission.)
	ToString	Creates and returns a string representation of the current permission object. (Inherited from CodeAccessPermission.)
	ToXml	Creates an XML encoding of the permission and its current state. (Overrides CodeAccessPermission.ToXml().)
	Union	Creates a permission that is the union of the current permission and the specified permission. (Overrides CodeAccessPermission.Union(IPermission).)

Top

Remarks

Using this class, it is possible to ensure that callers are from a specific Web site. Site identity is only defined for code from URLs with the protocols of HTTP, HTTPS, and FTP. A site is the string between the "//" after the protocol of a URL and the following "/", if present, for example, www.fourthcoffee.com in the URL http://www.fourthcoffee.com/process/grind.htm. This excludes port numbers. If a given URL is http://www.fourthcoffee.com:8000/, the site is www.fourthcoffee.com, not www.fourthcoffee.com:8000.

Sites can be matched exactly, or by a wildcard ("*") prefix at the dot delimiter. For example, the site name string *.fourthcoffee.com matches fourthcoffee.com as well as www.fourthcoffee.com. Without a wildcard, the site name must be a precise match. The site name string * will match any site, but will not match code that has no site evidence.

Important
Starting with the .NET Framework version 4, identity permissions are not used. In the .NET Framework versions 1.0 and 1.1, demands on the identity permissions are effective, even when the calling assembly is fully trusted. That is, although the calling assembly has full trust, a demand for an identity permission fails if the assembly does not meet the demanded criteria. Starting with the .NET Framework version 2.0, demands for identity permissions are ineffective if the calling assembly has full trust. This assures consistency for all permissions, eliminating the treatment of identity permissions as a special case.

Important

Starting with the .NET Framework version 4, identity permissions are not used.

In the .NET Framework versions 1.0 and 1.1, demands on the identity permissions are effective, even when the calling assembly is fully trusted. That is, although the calling assembly has full trust, a demand for an identity permission fails if the assembly does not meet the demanded criteria. Starting with the .NET Framework version 2.0, demands for identity permissions are ineffective if the calling assembly has full trust. This assures consistency for all permissions, eliminating the treatment of identity permissions as a special case.

Note
In versions of the .NET Framework before the .NET Framework version 4, you could use the CodeAccessPermission.Deny method to prevent inadvertent access to system resources by trusted code. Deny is now obsolete, and access to resources is now determined solely by the granted permission set for an assembly. To limit access to files, you must run partially trusted code in a sandbox and assign it permissions only to resources that the code is allowed to access. For information about running an application in a sandbox, see How to: Run Partially Trusted Code in a Sandbox.

Note

In versions of the .NET Framework before the .NET Framework version 4, you could use the CodeAccessPermission.Deny method to prevent inadvertent access to system resources by trusted code. Deny is now obsolete, and access to resources is now determined solely by the granted permission set for an assembly. To limit access to files, you must run partially trusted code in a sandbox and assign it permissions only to resources that the code is allowed to access. For information about running an application in a sandbox, see How to: Run Partially Trusted Code in a Sandbox.

Note
In the .NET Framework versions 1.0 and 1.1, identity permissions cannot have an Unrestricted permission state value. Starting with the .NET Framework version 2.0, identity permissions can have any permission state value. This means that in 2.0 and later versions, identity permissions have the same behavior as permissions that implement the IUnrestrictedPermission interface.

Version Information

.NET Framework

Supported in: 4, 3.5, 3.0, 2.0, 1.1, 1.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Platforms

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Thread Safety

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.