SqlClientPermission Class

Enables the .NET Framework Data Provider for SQL Server to help make sure that a user has a security level sufficient to access a data source.

Namespace: System.Data.SqlClient
Assembly: System.Data (in system.data.dll)

public sealed class SqlClientPermission : DBDataPermission
/** @attribute SerializableAttribute() */ 
public final class SqlClientPermission extends DBDataPermission
public final class SqlClientPermission extends DBDataPermission

The IsUnrestricted property takes precedence over the AllowBlankPassword property. Therefore, if you set AllowBlankPassword to false, you must also set IsUnrestricted to false to prevent a user from making a connection using a blank password.


When using code access security permissions for ADO.NET, the correct pattern is to start with the most restrictive case (no permissions at all) and then add the specific permissions that are needed for the particular task that the code needs to perform. The opposite pattern, starting with all permissions and then denying a specific permission, is not secure, because there are many ways of expressing the same connection string. For example, if you start with all permissions and then attempt to deny the use of the connection string "server=someserver", the string "server=someserver.mycompany.com" would still be allowed. By always starting by granting no permissions at all, you reduce the chances that there are holes in the permission set.


Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Windows 98, Windows 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see System Requirements.

.NET Framework

Supported in: 2.0, 1.1, 1.0