XmlSecureResolver Constructor (XmlResolver, String)


The .NET API Reference documentation has a new home. Visit the .NET API Browser on docs.microsoft.com to see the new experience.

Initializes a new instance of the XmlSecureResolver class with the XmlResolver and URL provided.

Namespace:   System.Xml
Assembly:  System.Xml (in System.Xml.dll)

public XmlSecureResolver(
	XmlResolver resolver,
	string securityUrl


Type: System.Xml.XmlResolver

The XML resolver that is wrapped by the XmlSecureResolver.

Type: System.String

The URL used to create the PermissionSet that will be applied to the underlying XmlResolver. The XmlSecureResolver calls PermissionSet.PermitOnly on the created PermissionSet before calling GetEntity on the underlying XmlResolver.


There are differences in the security infrastructure for code running on the .NET Framework common language runtime (CLR) and for code running on the CLR that is integrated within Microsoft SQL Server 2005. This can lead to cases where code developed for the .NET Framework CLR operates differently when used on the SQL Server integrated CLR. One of these differences affects the XmlSecureResolver class when you have evidence that is based on a URL (that is, when you use the CreateEvidenceForUrl method or the XmlSecureResolver(XmlResolver, String) constructor). The policy resolution mechanism of the SQL Server integrated CLR does not use the Url or Zone information. Instead, it grants permissions based on the GUID that the server adds when assemblies are loaded. When you use the XmlSecureResolver in the SQL Server integrated CLR, provide any required evidence directly by using a specified PermissionSet.

This example uses the XmlSecureResolver(XmlResolver, String) constructor to create an XmlSecureResolver object that is allowed to access your local intranet site only.

XmlSecureResolver myResolver = new XmlSecureResolver(new XmlUrlResolver(), "http://myLocalSite/");

.NET Framework
Available since 1.1
Return to top