Export (0) Print
Expand All

ZoneIdentityPermission Class

Defines the identity permission for the zone from which the code originates. This class cannot be inherited.

Namespace:  System.Security.Permissions
Assembly:  mscorlib (in mscorlib.dll)

[SerializableAttribute]
[ComVisibleAttribute(true)]
public sealed class ZoneIdentityPermission : CodeAccessPermission

This permission can determine whether calling code is from a certain zone. Zones are configured according to the Microsoft Internet Explorer options, and are mapped from URL by Internet Explorer's IInternetSecurityManager and related APIs. Only exact zone matches are defined for the permission; a URL can only belong to one zone.

  • Local intranet zone: The Local intranet zone is used for content located on a company's intranet. Because the servers are within a company's firewall, content on the intranet is assigned a higher level of trust.

  • Trusted sites zone: The Trusted sites zone is used for content located on Web sites that are considered more reputable or trustworthy than other sites on the Internet. Users can use this zone to assign a higher level of trust to specific Internet sites. The URLs of these trusted Web sites need to be mapped into this zone by the user. By default, sites in the Trusted sites zone receive no higher trust than those in the Internet zone. A user or company needs to change the level of trust granted to this zone if they want the sites it contains to be given a higher level of trust.

  • Internet zone: The Internet zone is used for the Web sites on the Internet that do not belong to another zone. The default settings allow code downloaded from these sites only minimal access to resources on the user's computer. Web sites that are not mapped into other zones automatically fall into this zone.

  • Restricted sites zone: The Restricted sites zone is used for Web sites that contain content that could cause, or could have previously caused, problems when downloaded. This zone could be used to prevent code downloaded from these sites from running on the user's computer. The URLs of these untrusted Web sites need to be mapped into this zone by the user.

  • Local Machine zone: The Local Machine zone is an implicit zone that is used for content that exists on the user's computer. The content found on the user's computer, except for content cached by Internet Explorer on the local system, is treated with a very high level of trust.

Important noteImportant Note:

In the .NET Framework versions 1.0 and 1.1, demands on the identity permissions are effective, even when the calling assembly is fully trusted. That is, although the calling assembly has full trust, a demand for an identity permission fails if the assembly does not meet the demanded criteria. In the .NET Framework version 2.0, demands for identity permissions are ineffective if the calling assembly has full trust. This assures consistency for all permissions, eliminating the treatment of identity permissions as a special case.

The following code example shows the behavior of the ZoneIdentityPermission class methods.

NoteNote:

The code example is intended to show the behavior of the methods, not to demonstrate their use. In general, the methods of permission classes are used by the security infrastructure; they are not typically used in applications. Generally, only the constructors are used in application code. The created instance validates or controls resource access by using inherited CodeAccessPermission methods such as Demand.

using System;
using System.Security;
using System.Security.Permissions;

public class ZoneIdentityPermissionDemo
{
    public static void Main(String[] args)
    {
        IsSubsetOfDemo();
        CopyDemo();
        UnionDemo();
        IntersectDemo();
        ToFromXmlDemo();
    }

    // IsSubsetOf determines whether the current permission is a subset of the specified permission. 
    private static void IsSubsetOfDemo()
    {
        ZoneIdentityPermission zoneIdPerm1 = new ZoneIdentityPermission(SecurityZone.Intranet);
        ZoneIdentityPermission zoneIdPerm2 = new ZoneIdentityPermission(SecurityZone.MyComputer);

        if (zoneIdPerm1.IsSubsetOf(zoneIdPerm2))
        {
            Console.WriteLine(zoneIdPerm1.SecurityZone.ToString() + " is a subset of " +
                zoneIdPerm2.SecurityZone.ToString());
        }
        else
        {
            Console.WriteLine(zoneIdPerm1.SecurityZone.ToString() + " is not a subset of " +
                zoneIdPerm2.SecurityZone.ToString());

        }
        if (zoneIdPerm2.IsSubsetOf(zoneIdPerm1))
        {
            Console.WriteLine(zoneIdPerm2.SecurityZone.ToString() + " is a subset of " +
                zoneIdPerm1.SecurityZone.ToString());
        }
        else
        {
            Console.WriteLine(zoneIdPerm2.SecurityZone.ToString() + " is not a subset of " +
                zoneIdPerm1.SecurityZone.ToString());

        }
    }
    // Union creates a new permission that is the union of the current permission 
    // and the specified permission. 
    private static void UnionDemo()
    {
        ZoneIdentityPermission zoneIdPerm1 = new ZoneIdentityPermission(SecurityZone.Intranet);
        ZoneIdentityPermission zoneIdPerm2 = new ZoneIdentityPermission(SecurityZone.MyComputer);
        ZoneIdentityPermission p3 = (ZoneIdentityPermission)zoneIdPerm1.Union(zoneIdPerm2);
        try
        {
            if (p3 != null)
            {
                Console.WriteLine("The union of " + zoneIdPerm1.SecurityZone.ToString() +
                    " and \n\t" + zoneIdPerm2.SecurityZone.ToString() + " is \n\t"
                    + p3.SecurityZone.ToString() + "\n");

            }
            else
            {
                Console.WriteLine("The union of " + zoneIdPerm1.SecurityZone.ToString() +
                    " and \n\t" + zoneIdPerm2.SecurityZone.ToString() + " is null.\n");
            }
        }
        catch (SystemException e)
        {
            Console.WriteLine("The union of " + zoneIdPerm1.SecurityZone.ToString() +
                    " and \n\t" + zoneIdPerm2.SecurityZone.ToString() + " failed.");

            Console.WriteLine(e.Message);
        }

    }
    // Intersect creates and returns a new permission that is the intersection of the 
    // current permission and the permission specified. 
    private static void IntersectDemo()
    {

        ZoneIdentityPermission zoneIdPerm1 = new ZoneIdentityPermission(SecurityZone.Intranet);
        ZoneIdentityPermission zoneIdPerm2 = new ZoneIdentityPermission(SecurityZone.MyComputer);
        ZoneIdentityPermission p3 = (ZoneIdentityPermission)zoneIdPerm1.Intersect(zoneIdPerm2);

        if (p3 != null)
        {
            Console.WriteLine("The intersection of " + zoneIdPerm1.SecurityZone.ToString() + " and \n\t" +
                zoneIdPerm2.SecurityZone.ToString() + " is " + p3.SecurityZone.ToString() + "\n");

        }
        else
        {
            Console.WriteLine("The intersection of " + zoneIdPerm1.SecurityZone.ToString() +
                " and \n\t" + zoneIdPerm2.SecurityZone.ToString() + " is null.\n");
        }


    }
    //Copy creates and returns an identical copy of the current permission. 
    private static void CopyDemo()
    {

        ZoneIdentityPermission zoneIdPerm1 = new ZoneIdentityPermission(SecurityZone.Intranet);
        ZoneIdentityPermission zoneIdPerm2 = new ZoneIdentityPermission(PermissionState.None);
        zoneIdPerm2 = (ZoneIdentityPermission)zoneIdPerm1.Copy();
        if (zoneIdPerm2 != null)
        {
            Console.WriteLine("The copy succeeded:  " + zoneIdPerm2.ToString() + " \n");
        }

    }
    // ToXml creates an XML encoding of the permission and its current state; FromXml reconstructs a 
    // permission with the specified state from the XML encoding. 
    private static void ToFromXmlDemo()
    {


        ZoneIdentityPermission zoneIdPerm1 = new ZoneIdentityPermission(SecurityZone.Intranet);
        ZoneIdentityPermission zoneIdPerm2 = new ZoneIdentityPermission(PermissionState.None);
        zoneIdPerm2.FromXml(zoneIdPerm1.ToXml());
        bool result = zoneIdPerm2.Equals(zoneIdPerm1);
        if (result)
        {
            Console.WriteLine("Result of ToFromXml = " + zoneIdPerm2.ToString());
        }
        else
        {
            Console.WriteLine(zoneIdPerm2.ToString());
            Console.WriteLine(zoneIdPerm1.ToString());
        }

    }
}

System.Object
  System.Security.CodeAccessPermission
    System.Security.Permissions.ZoneIdentityPermission

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

.NET Framework

Supported in: 3.5, 3.0, 2.0, 1.1, 1.0

Community Additions

ADD
Show:
© 2014 Microsoft